Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
OSE.exe
-
Size
1022KB
-
Sample
200710-9qmhk5t4fx
-
MD5
66883d9f96b49980f2faa93043d00c1d
-
SHA1
6460aed133d60d8cf7a1cebc9eac08d9e0a635e2
-
SHA256
0d3054972b35fa5c6f67ba30f1495823dda35917b171af358242c20293e2bbbb
-
SHA512
7ce17d14d88da961f7d11531a60adf3ea4e8b6f4e08f76f73ca9a2af4986e7f4739a6407e790ee974325d3417f9459860a795d7f67a6c13412bcc0268d36530b
Malware Config
Targets
-
-
Target
OSE.exe
-
Size
1022KB
-
MD5
66883d9f96b49980f2faa93043d00c1d
-
SHA1
6460aed133d60d8cf7a1cebc9eac08d9e0a635e2
-
SHA256
0d3054972b35fa5c6f67ba30f1495823dda35917b171af358242c20293e2bbbb
-
SHA512
7ce17d14d88da961f7d11531a60adf3ea4e8b6f4e08f76f73ca9a2af4986e7f4739a6407e790ee974325d3417f9459860a795d7f67a6c13412bcc0268d36530b
Score10/10-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger log file
Detects a log file produced by MassLogger.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops startup file
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-