Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
38611cbec59d31636dfa80e39146bc9c96d3515fbafd9ea16f7392bdfeee69ee.exe
-
Size
917KB
-
Sample
221010-nqkmvabfd2
-
MD5
f25e3594aba0fdc9c3d98043bedd16c6
-
SHA1
bcf633e24eff060782aaf7dd6e5a1fc61796d586
-
SHA256
38611cbec59d31636dfa80e39146bc9c96d3515fbafd9ea16f7392bdfeee69ee
-
SHA512
da43b1977800eee7cfb046d536fc1e7b804791dace90996be5e41f29c66b31d14e37e3a98626357a8706a234ba378617a49facae75c811405a1b44a5cd56d6d2
-
SSDEEP
12288:kYRcrWWvUZ4tlgD9yvR+ZBKm6M4qHKuw3BMUhpU1xo5Mik4EhBHglt:kY2vUZ4tlA9URmkm6dqqV3ecpUL
Malware Config
Extracted
formbook
vez2
GCFh2WRY8h1RjEXapwS7Ck9LsYM=
Kw/ixUjrf6eR4l/24Q==
UU+jUhRwjrFC148Z
QbmEkwuT9vV0auS9f1g=
X/Bx/B8ftQ==
VkMUQmSy0OalCood8g==
BNLY7KKp9TVIQOS9f1g=
4T0IQw/gaKqntY81D2bTIzrbjw==
hVWRNvRVcKktVh2ymZKRgeSyJ0RoIbo=
Fef69GXN5DS86bNZQiZFu/q98os=
28+h068jMHplsKGaJQxI
5kXPNMQEFGjp6MuaJQxI
3U8XDYYOlJwvdF0f4w==
XVqaJqutwWlhek3SahJ4hg==
8g9h2U1zhLBC148Z
Q8NMHfa/7y+yrZpDEgLiBZBvwVt9Vvm5
jXeQnSyl0RXqI/ulQvZ9jA==
3cHSwlLqCBnkOQy9jXZ7AiKZ
6PU7tS0owgIcNy/fahJ4hg==
WVMuelelvwPA9XaFQtUSN8o=
Targets
-
-
Target
38611cbec59d31636dfa80e39146bc9c96d3515fbafd9ea16f7392bdfeee69ee.exe
-
Size
917KB
-
MD5
f25e3594aba0fdc9c3d98043bedd16c6
-
SHA1
bcf633e24eff060782aaf7dd6e5a1fc61796d586
-
SHA256
38611cbec59d31636dfa80e39146bc9c96d3515fbafd9ea16f7392bdfeee69ee
-
SHA512
da43b1977800eee7cfb046d536fc1e7b804791dace90996be5e41f29c66b31d14e37e3a98626357a8706a234ba378617a49facae75c811405a1b44a5cd56d6d2
-
SSDEEP
12288:kYRcrWWvUZ4tlgD9yvR+ZBKm6M4qHKuw3BMUhpU1xo5Mik4EhBHglt:kY2vUZ4tlA9URmkm6dqqV3ecpUL
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Suspicious use of SetThreadContext
-