General
Target: a2e8843e56a343eb851c92463c123b06c2edc8a7c4704ec51e4ba42405cdb9b4
Size: 1.2MB
Sample: 220520-fybqxabdg5
MD5: 62e7d2855d5fcfef51ebb089e4c927ba
SHA1: 66b9c8af6cec8c97a2c27d5a85bb3dfaa4f3a238
SHA256: a2e8843e56a343eb851c92463c123b06c2edc8a7c4704ec51e4ba42405cdb9b4
SHA512: c6fc9221ef2f26ed20e5e97195260d7a445175f4b3c9fdb8a48c9e0c2b4d21cf0998a408261eeb976b9ef9a1867313fd5624509b5f105ca37a43546e3eeefa2f
Static task: static1
Behavioral task: behavioral1
Sample: SALIKHACK/SALIKHACK.bat
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: SALIKHACK/SALIKHACK.bat
Resource: win10v2004-20220414-en
Behavioral task: behavioral3
Sample: SALIKHACK/SALIKHACK.exe
Resource: win7-20220414-en
Behavioral task: behavioral4
Sample: SALIKHACK/SALIKHACK.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: SALIKHACK/SALIKHACK.BAT
Size: 238B
MD5: 21a67af3a0e70534daf91c971545bc80
SHA1: 23141575d04651a2cd778a33732805c468033ef0
SHA256: 940dd6c2693be78a671cad250f75a5b5324b3350e2b2fc1cfc098293b934fdb3
SHA512: b79f1dd26beee4a6995b0d67f112e4dff152d05822e8482579b6bdbd414b06cfbdeb6f55f4cb41d1821e6e7b98bfa3852e1d163355b3de5cd985373f8a333e66
Score: 1/10
Target: SALIKHACK/SALIKHACK.exe
Size: 3.1MB
MD5: 3be8fa0b38501cdb368c5cf5a0615880
SHA1: 52083abf2794b5f6f8a429ef5bf5fa552896832f
SHA256: 1d0c2228e4f710999bd97385b1595cd48bc9b79a837a01eff63efb470a1f92ba
SHA512: 4d60b1c7d41f9a03147cf1d81640d9b6cd09078c9a8e1634006f505c95cf81a3f0a2f3f31b6c925fd9c90be6c733cac7a54cadf19b0dd0b63ea2b2d8a78ea5bd
Score: 10/10
Poullight Stealer Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Adds Run key to start application