General
Target: DHL Notification_pdf.exe
Size: 572KB
Sample: 221028-lgg49affdr
MD5: 5d0704142349c70304df4a3e2a401d6b
SHA1: d8c0caf793b78713ac02dcd09e0e326d6bd45b18
SHA256: 8206e029f0266ea051b039afc8b9427f70079ee9d9ba4cb7cacd9f944fd2e9c2
SHA512: bcd473e62bdbf5162b300575f41c2a9e3e008d3ed8a34dc875fb81618cddb8b55d1656a050b176d9f7a173dcb93ae0bf753aaaa738b82f98bc3978ee2606456d
SSDEEP: 12288:th7vEV0mHpuSvMvEahAaWP7IneAdvB3RwkdK0t95/KLEyLONLb/:kPTaGknvvB3Rwko0P52EyLO
Static task: static1
Behavioral task: behavioral1
Sample: DHL Notification_pdf.exe
Resource: win7-20220812-en
Malware Config
Extracted
formbook
4.1
g28p
Targets
-
-
Target
DHL Notification_pdf.exe
-
Formbook payload
-
Suspicious use of SetThreadContext
-