General
-
Target
JaffaCakes118_145356f559186ff2bb984ca4a53c91d9
-
Size
1.4MB
-
Sample
250123-gqxh3sxkdr
-
MD5
145356f559186ff2bb984ca4a53c91d9
-
SHA1
9d8918f5596a19e093b2777c55cd5900afec601e
-
SHA256
48c90e9bf2a1bc222607ca074a001e616ec79bbf4c912472ab615000bb7d49d5
-
SHA512
0ca2a24430f6ddddf032fa101c1c060e0d888bece435eeb36c30e545eacf509a4abf394ee04ca42c2bdc67d04bf4dd17858822e9925d2310a9a9e2c955c809fa
-
SSDEEP
24576:l/OCOfBqmI+hdNi8UEjIfJeL79C+95ljCc1YNjl+U/M6bzqJ9dswTWGQ+oYmCJXD:l/OCEfhDihEjIfJekElu1/xXqv2wTWxE
Static task
static1
Behavioral task
behavioral1
Sample
Crack.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Crack.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
G-PROS~1.exe
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
G-PROS~1.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
Crack.exe
-
Size
1.4MB
-
MD5
2302eace8e12fa460b14c2e6764ac952
-
SHA1
e5caeb93f82243eec0d8f7fdb15efb3edc8c7386
-
SHA256
b19b5b4e514e71c32861a2c70d8c5f07a2c83af2f5c36e1b41e1a26c856c88da
-
SHA512
105676ae255d64101cb1aa7b2c6ceeb8301d5b12ae66d7542c99126c96b7606ae4a4af8ce9f07fb1ef746350f50e9b66d5d2eaa2c1cf946a2f3c3b713e8abf8c
-
SSDEEP
24576:wFI54ZfTnzI+FdXbiEEkU3cemn9C/RyijTcdYMFc5AIMcMzpJe5toTOGN+oGqCJW:KI54RfFtbPEkU3ceJ0iHQIRUpMToTOIh
Score
4/10
-
-
Target
G-PROS~1.EXE
-
Size
32KB
-
MD5
4f597e155aa341b31c256c70f67a097b
-
SHA1
c32cd541d971e6f823b085e0bea2579e5764a77f
-
SHA256
694ce71682d85d6c56c6ca20f9d9ff8e558166ec228602d2a6cd60ac197401e7
-
SHA512
6fc82a0959e42bf53d82491a565f8dbfa7a52f1e9b8bc98d5725d5fcc4dc2e377cf7a9adcb60d86fd3d816948bafc5439016f6728cd79d3426ee0586cd554af6
-
SSDEEP
768:mqoxGVi3uS2kx34EvzJhAvBeSty4JmwDr:hfi3uSFx3XJhAr
Score
10/10
-
Modifies firewall policy service
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Legitimate hosting services abused for malware hosting/C2
-