Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2976e09cede37ef186fcb3fc9b60fc735b5a9142a7b9fc76ac34678177e81b28
-
Size
12.6MB
-
Sample
250225-yj7txatlt2
-
MD5
c096954a9dc5320422924d21d033a236
-
SHA1
3a2b87760df3262c1706420883bcdc43aba72f26
-
SHA256
2976e09cede37ef186fcb3fc9b60fc735b5a9142a7b9fc76ac34678177e81b28
-
SHA512
30d417f2839a90781f96eced878d1695b8f2e4a4a108f22f73324304ddd3960a1e054c3e662d960b85c8e406d0c2efb9ff6eca0f6c6d1ec40cfa1c1defe2b7be
-
SSDEEP
196608:XYnOjmWa3Uu28TMCSNvS7SGsgNRVJygisNMviNAIrvy5YuLSsJR887oWaSIALslL:/jaZMCoK7Sf6RVJAskbYrQmrWdsl5gU
Malware Config
Targets
-
-
Target
2976e09cede37ef186fcb3fc9b60fc735b5a9142a7b9fc76ac34678177e81b28
-
Size
12.6MB
-
MD5
c096954a9dc5320422924d21d033a236
-
SHA1
3a2b87760df3262c1706420883bcdc43aba72f26
-
SHA256
2976e09cede37ef186fcb3fc9b60fc735b5a9142a7b9fc76ac34678177e81b28
-
SHA512
30d417f2839a90781f96eced878d1695b8f2e4a4a108f22f73324304ddd3960a1e054c3e662d960b85c8e406d0c2efb9ff6eca0f6c6d1ec40cfa1c1defe2b7be
-
SSDEEP
196608:XYnOjmWa3Uu28TMCSNvS7SGsgNRVJygisNMviNAIrvy5YuLSsJR887oWaSIALslL:/jaZMCoK7Sf6RVJAskbYrQmrWdsl5gU
Score10/10-
Chinese_generic_botnet family
-
Generic Chinese Botnet
A botnet originating from China which is currently unnamed publicly.
-
Chinese Botnet payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops file in System32 directory
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-