Analysis
-
max time kernel
148s -
max time network
146s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
arch:x64 arch:x86 image:win7-20241010-en locale:en-us os:windows7-x64 system -
submitted
17/01/2025, 10:25
Behavioral task
behavioral1
Sample
fuck.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
fuck.exe
Resource
win10v2004-20241007-en
General
-
Target
fuck.exe
-
Size
481KB
-
MD5
7163fe5f3a7bcfdeec9a07137838012a
-
SHA1
3bd90557615ef95e4244bdbaa8e0e7fd949cdd3a
-
SHA256
5433726d3912a95552d16b72366eae777f5f34587e1bdaa0c518c5fcbc3d8506
-
SHA512
ea6d91205ed0d53868f44077e1d6db3bf8d6e3607378be22e643df3777120aa36d53e39748e4220dbf1d3355a0b791b9a3e5ddc080018d169c81d7ce0afb6478
-
SSDEEP
12288:z13ak/mBXTG4/1v08KI7ZnMEF76JqmsvZQqS:5ak/mBXTV/R0nEF76gFZJ
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description
Key opened
ioc
\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process
fuck.exe
-
Suspicious use of SetWindowsHookEx 1 IoCs
pid
1736
Process
fuck.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
184B
MD5
169500301346f389398f6b1f20391d8b
SHA1
9fae1fda4ce2e18db699c0175262a62211c07753
SHA256
aa02367e5870f78d8bce38e2040f2124d41c5b83e2e978fe3ab59342602ca025
SHA512
85705a5fbdb5a91ab55dfb19dcd91a9d1b94396e27b4f5d47cc5f73558e6aec4ca098533276bf4a3230dffdfa6ae69053c1184c037d44d49a4ab3f8c9b5afca1