General

  • Target

    9593b9378472dcb8e5e4adef932671382b6a9c7e4a2a06c3cfe72de5279c3837

  • Size

    515KB

  • Sample

    220508-xxmkfsfhc8

  • MD5

    4f49935909c402b073e2bcf0df3320ec

  • SHA1

    ce5eb1fa3286c03169823393efb7ed93fabf1e0f

  • SHA256

    9593b9378472dcb8e5e4adef932671382b6a9c7e4a2a06c3cfe72de5279c3837

  • SHA512

    c68243a392bbc200e82af219d6011a80d73d23dd3d91ed2106ae1e1c480741a986871913eae077b8c0bf2758e16b4184c899a2569a801dd7d3fb4ff18b6c77eb

Malware Config

Targets

    • Poullight

      Poullight is an information stealer first seen in March 2020.

    • Poullight Stealer Payload

    • suricata: ET MALWARE Matrix Max Stealer Exfiltration Observed

    • suricata: ET MALWARE Trojan Generic - POST To gate.php with no accept headers

    • suricata: ET MALWARE Trojan Generic - POST To gate.php with no referer

    • suricata: ET MALWARE Win32/X-Files Stealer Activity

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

MITRE ATT&CK Enterprise v6

Tasks
