Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b270ce779ab0039ad0cb3f635ebf56589d71ba7e02f0238ec05777c37e1e358d
-
Size
213KB
-
Sample
221015-r5h94sfgb2
-
MD5
e4b8e1635d88b7a450d1514b6324b907
-
SHA1
c2d351c6f805fd435bd1de5df0b4b4fd112d1678
-
SHA256
b270ce779ab0039ad0cb3f635ebf56589d71ba7e02f0238ec05777c37e1e358d
-
SHA512
ffcd9feb3c6bf62b993a714fbd54d9562f34678e8e79f4fd45f69b334a086e710cdc04e42169aaf8eec60d9b9391fcf1aae3db88585ce64549a0df7071c6d7f2
-
SSDEEP
3072:mRDXp0nzyLyFFMugJ0MlRl5odAoDotleqHGQSRto0KNUguzWBC:e7/LyFbM/65kGLvo0gUguzWBC
Malware Config
Targets
-
-
Target
b270ce779ab0039ad0cb3f635ebf56589d71ba7e02f0238ec05777c37e1e358d
-
Size
213KB
-
MD5
e4b8e1635d88b7a450d1514b6324b907
-
SHA1
c2d351c6f805fd435bd1de5df0b4b4fd112d1678
-
SHA256
b270ce779ab0039ad0cb3f635ebf56589d71ba7e02f0238ec05777c37e1e358d
-
SHA512
ffcd9feb3c6bf62b993a714fbd54d9562f34678e8e79f4fd45f69b334a086e710cdc04e42169aaf8eec60d9b9391fcf1aae3db88585ce64549a0df7071c6d7f2
-
SSDEEP
3072:mRDXp0nzyLyFFMugJ0MlRl5odAoDotleqHGQSRto0KNUguzWBC:e7/LyFbM/65kGLvo0gUguzWBC
Score10/10-
Detects Smokeloader packer
-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-