General
Target: 47257567cb272a046cdca7596367b2f2.exe
Size: 374KB
Sample: 221004-h13zaahbcj
MD5: 47257567cb272a046cdca7596367b2f2
SHA1: 5258ff1376974f62ee35f34425df29a4aae80d98
SHA256: dade5b7aa50e2e1df254ae9c8b70f59cfa6c47889bc1cb3ff722620b367fde60
SHA512: 61a98897a22ea5b3ba4dc251476044d7055a87d640361ff67f639e3089a088cd8c57e9d9d4cd7a3fdefd93002687b9dbe4fdca41370f0ff1415f49b18a02f441
SSDEEP: 6144:4XJ936eafA9hW5zW2qJMHUYM+fS1v6kkuzbgwuix26wVf:4XJd6K9hWtr0YZ5unnc
Static task: static1
Behavioral task: behavioral1
Sample: 47257567cb272a046cdca7596367b2f2.exe
Resource: win7-20220901-en
Malware Config
Extracted
vidar
54.9
517
https://t.me/larsenup
https://ioc.exchange/@zebra54
-
profile_id
517
Targets
-
-
Target
47257567cb272a046cdca7596367b2f2.exe
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-