General

  • Target

    Zahlung.exe

  • Size

    674KB

  • Sample

    200713-pe1nq3fxwn

  • MD5

    dd7780218fbe47cba351ad4d3093818c

  • SHA1

    391d5b649c1d591a2a0d2b997ee2fc91e66d3fc5

  • SHA256

    816428017475b2cf161c37e042f81c84805f857784b7ece2ba81d23d8d826676

  • SHA512

    5ba457bfd40c39df7d1248472890e02994cc0d8ea70b1b51c37b8e6a0d7ba2950e280f5f6e936e4a91e9bf4db67748a4ad8531904ef45613e10c3f91c42d05d9

Malware Config

Targets

    • HawkEye

      HawkEye is a malware kit that has seen continuous development since at least 2013.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, and other sensitive information.

    • Uses the VBS compiler for execution

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks