Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a3c20b8c564076ca4e520a99c6cd1764.exe
-
Size
132KB
-
Sample
220802-v4xynahdb5
-
MD5
a3c20b8c564076ca4e520a99c6cd1764
-
SHA1
74700468ca8ef36b4111230b786bbab78c410468
-
SHA256
d178525a986175d484866facf95baa1573a63a1060e5a06346ee4da4932df656
-
SHA512
0f01b1e592d73d591a34b0b6e608859df3870e8ca65c29263e01a0dc53eafd4edf2c0efcac9ddfbb37ccb706e1b577bc79eb1828f344967b6723c20eb821dfa0
Behavioral task
behavioral1
Sample
a3c20b8c564076ca4e520a99c6cd1764.exe
Resource
win7-20220715-en
Behavioral task
behavioral2
Sample
a3c20b8c564076ca4e520a99c6cd1764.exe
Resource
win10v2004-20220721-en
Malware Config
Targets
-
-
Target
a3c20b8c564076ca4e520a99c6cd1764.exe
-
Size
132KB
-
MD5
a3c20b8c564076ca4e520a99c6cd1764
-
SHA1
74700468ca8ef36b4111230b786bbab78c410468
-
SHA256
d178525a986175d484866facf95baa1573a63a1060e5a06346ee4da4932df656
-
SHA512
0f01b1e592d73d591a34b0b6e608859df3870e8ca65c29263e01a0dc53eafd4edf2c0efcac9ddfbb37ccb706e1b577bc79eb1828f344967b6723c20eb821dfa0
Score10/10-
StormKitty payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-