General
Target: file.exe
Size: 4.9MB
Sample: 220912-dhb1macec3
MD5: 57f2f75c17ab7bbc606aed7ad9462f2b
SHA1: e284891b905cd5fb4da41c5fd7d1d25c60b0436d
SHA256: 048775019adc05c1978f5be85341eb95fb8c9c15611ee13a1fbbffaef3f4f1dc
SHA512: d8de0b33e63f4c09fabe0c7631005ee142426b9f06f3a5830a40682c41365487cecfc5478a3aa1ef67305eda8ed8d0ff691d0665f0f17d9c0430ae42dd6a8859
SSDEEP: 98304:8Tmz2NL20p5QWLTc4owiSAyKkcTz4Gj/8uFIh5gR72SPn:JmfPQWLTDrAyKRf4k/8iIhql2G
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220812-en
Malware Config
Extracted
vidar
54.3
1656
https://t.me/karacakahve
https://ieji.de/@tiagoa96
profile_id: 1656
Targets
Target: file.exe
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.