General
Target: file.exe
Size: 2.5MB
Sample: 221017-1z3agaddd6
MD5: 98bb77be0218bae48ed9b2647aafa2f3
SHA1: 357f88867103b89cbc41293f60a2f7e7829af206
SHA256: d90f96aa27e90b9884d37ae452272e08a1e65405dd216ca000edbd3541381641
SHA512: 9e34f59683500fc2cb4f6c4831fdf2662707f87fa297659f5cafaa0e2ed5556793601dfc7fd195ef7d0ac5de1af268e226787c2bdbc2df5802b9b5231b20a2e9
SSDEEP: 24576:nzww4MA8/R3BL7o+w0Y1Yj002XLMw96KZd2B8Z0b5bpD62vI/H/313LrXC79lyOy:nZAAnL7o+awbFI/H/313nofl38
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: file.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
raccoon
ce21570f8b07f4e68bfb7f44917635b1
http://77.73.133.7/
Targets
-
-
Target
file.exe
Downloads MZ/PE file
Loads dropped DLL
Uses the VBS compiler for execution
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext