General
Target: ac0bff3a87acefe245899d7f908a0e400d49d56b75b9ee6400ac58ea180e3e20
Size: 932KB
Sample: 220524-2mvwasedhn
MD5: 2a3b3da0fbdfbcc9fafcce4708954170
SHA1: 13e48a6734e0d1f2275ad42ad5630ca22ca130c9
SHA256: ac0bff3a87acefe245899d7f908a0e400d49d56b75b9ee6400ac58ea180e3e20
SHA512: dae7c463ed3b01b23611470aae2d6125a428471f4b75dc2e390d1ef2bab5ba069b3775b97739627ce9c63be58d7e42f909bd6e7859fdb58e1b0dbd3b104dd3b9
Static task: static1
Behavioral task: behavioral1
Sample: ac0bff3a87acefe245899d7f908a0e400d49d56b75b9ee6400ac58ea180e3e20.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: ac0bff3a87acefe245899d7f908a0e400d49d56b75b9ee6400ac58ea180e3e20.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted: raccoon
180d3985eb74eacf2de83c771fbf30a60f670ec0
url4cnc: https://telete.in/jrikitiki
Extracted: oski
levitt.ug
Extracted: azorult
http://195.245.112.115/index.php
Targets
Target: ac0bff3a87acefe245899d7f908a0e400d49d56b75b9ee6400ac58ea180e3e20
Azorult: An information stealer that was first discovered in 2016, targeting browsing history and passwords.
Raccoon Stealer Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Suspicious use of SetThreadContext