General
-
Target
2b547226e67c6d92e6692fb6fe19f01c7d8113e12e0f2eba1fb5daa563b1c4a9.exe
-
Size
358KB
-
Sample
221103-p3112acehm
-
MD5
2bcab13ba12b586b0c3c2b4579803836
-
SHA1
42f0a3f7acfb6b9be5490049b9ca8fd8d4df9553
-
SHA256
2b547226e67c6d92e6692fb6fe19f01c7d8113e12e0f2eba1fb5daa563b1c4a9
-
SHA512
8d4647ba1f6cb55061fc36bc606c2978ffe8d28ee8deafc4d40788434c5b21912e1e29ba4ff75243b8d3f21c4fe2de3d51920f0d00a2aac299f6abd519bf4a1e
-
SSDEEP
6144:qiZY8hcK7iSZdGLbPhh6OjzfSPP47ITsq:vZYTiZcfFSo7
Static task
static1
Behavioral task
behavioral1
Sample
2b547226e67c6d92e6692fb6fe19f01c7d8113e12e0f2eba1fb5daa563b1c4a9.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
2b547226e67c6d92e6692fb6fe19f01c7d8113e12e0f2eba1fb5daa563b1c4a9.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
Score
10/10
-
Detect Amadey credential stealer module
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-