General
-
Target
EFT Payment 27September.exe
-
Size
426KB
-
Sample
220927-rsnztsegdk
-
MD5
99128801351b81b164690fb32ddfe74f
-
SHA1
f8f2a0beaf18ce9311ada5ae7fd8dde3914771de
-
SHA256
fac949564f4665701edaee8c5228133b6c84842fef319a82e8909ddeaa215de6
-
SHA512
22a6f3d58634d462fd4281dbe2b975df010056bf2b385be110256430289d198640422f0a149607ad72d331bd34cf769fb09d80d22b05da4817d6d1c6db2f91bb
-
SSDEEP
6144:EKTmSHR5ZwZv+Wxt5+3GE4msba3k4kwsEYA8Ki:XT/x5Zw1+WlA2Vb4kJbEYu
Static task
static1
Behavioral task
behavioral1
Sample
EFT Payment 27September.exe
Resource
win7-20220901-en
Malware Config
Extracted
formbook
4.1
tg49
Targets
-
-
Target
EFT Payment 27September.exe
-
Formbook payload
-
Suspicious use of SetThreadContext
-