Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6ec0c1af929d468390638567352ac6ca1d56b3732ff159ccd043ffbd9d57721a.exe
-
Size
780KB
-
Sample
221011-jhjy5acfgq
-
MD5
a93f5a2c6e1278d1b8b93e8e9b950f26
-
SHA1
5c3a7b41d017bcabf9d441d81c6c46a05b76d0f6
-
SHA256
6ec0c1af929d468390638567352ac6ca1d56b3732ff159ccd043ffbd9d57721a
-
SHA512
af0177762430bef805da4a751748607b3a637d852230692665ac455b12ac9c362912434221cc68d09e4b2a80b1b04eb5187285f9cda64354749b60ec600ca5ff
-
SSDEEP
12288:WAv2iN9IcvSoun3A1fLsumo2Hv3hqWxGAT8dTTip5Q+:f1rAn3A1DsucjGJ9+
Static task
static1
Behavioral task
behavioral1
Sample
6ec0c1af929d468390638567352ac6ca1d56b3732ff159ccd043ffbd9d57721a.exe
Resource
win7-20220901-en
Malware Config
Extracted
formbook
4.1
o5df
glassesfx.com
yunboer.com
countryvillagerx.com
ravensclawcollectibles.net
ambiencebodytherapies.com
cbcgroup.solutions
east2westcoasters.xyz
vegasggcuan.com
sistempakarsapi.site
assoroc-chinon.com
thegauntletchallenge.com
johnandsophie.com
followeona.xyz
bulgurmachines.online
pippaandi.com
warax.online
trygamesandearnrewards.com
newssergipe.com
savingsellersthousands.com
sniibe.com
scholarships-find.life
pc7.academy
signatizebusiness.com
topcintosmoda.online
meta-lsa.com
robotics6.com
bibeille.com
rtghsi.xyz
detalgraf.net
survivaldawg.com
5xscgbhkf.com
txcentre.com
etse.site
velvet-edge.com
cloudcontrol.events
jieqingmjg.com
aegon.direct
diynftwealth.com
musee-photo-madagascar.com
dwgg1.com
royhartrams.com
pcti.school
broothers.com
multiplosintermediacao.com
workfh.online
flowersbylunelly.net
getmyfreetraffic.com
xiangluliding.com
remix-comix.com
thestronggarden.com
appvideos.online
ominvent.com
itheilv.xyz
solvebest.xyz
jiayi888.net
formulirbri.online
vanirheim.com
xn--kobeckenbodenkugeln-p6b.com
gamedevevents.com
memprex.com
heartbreaker.world
mymongodaily.com
c-brokers.co
immmeta.com
samenstralen.online
Targets
-
-
Target
6ec0c1af929d468390638567352ac6ca1d56b3732ff159ccd043ffbd9d57721a.exe
-
Size
780KB
-
MD5
a93f5a2c6e1278d1b8b93e8e9b950f26
-
SHA1
5c3a7b41d017bcabf9d441d81c6c46a05b76d0f6
-
SHA256
6ec0c1af929d468390638567352ac6ca1d56b3732ff159ccd043ffbd9d57721a
-
SHA512
af0177762430bef805da4a751748607b3a637d852230692665ac455b12ac9c362912434221cc68d09e4b2a80b1b04eb5187285f9cda64354749b60ec600ca5ff
-
SSDEEP
12288:WAv2iN9IcvSoun3A1fLsumo2Hv3hqWxGAT8dTTip5Q+:f1rAn3A1DsucjGJ9+
-
Formbook payload
-
Suspicious use of SetThreadContext
-