Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
56d675b94ed40dcb422a2456ad30f60256b5dda9f1e20bc519bd58abd25ad817
-
Size
536KB
-
Sample
221126-qmenjafd22
-
MD5
dcf1d09fadd3f5a019fe454bfb5421d4
-
SHA1
a9a16c7f7c1c5e6d30a5b18625874fae136a1ba3
-
SHA256
56d675b94ed40dcb422a2456ad30f60256b5dda9f1e20bc519bd58abd25ad817
-
SHA512
e4d90fae0d1017052c05b44da9e42c6f323e01aaf3f650e8ff07cb9d352766a70910d77f88ef1e509f0dc9e615caabbeedc430e16e79286145059bc219860509
-
SSDEEP
12288:PvwVa5L9B/S5cCo4GgKUX/QgIVlFMPxC15J:Xw4lXCo4JnclFixC15
Static task
static1
Behavioral task
behavioral1
Sample
56d675b94ed40dcb422a2456ad30f60256b5dda9f1e20bc519bd58abd25ad817.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
56d675b94ed40dcb422a2456ad30f60256b5dda9f1e20bc519bd58abd25ad817.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
56d675b94ed40dcb422a2456ad30f60256b5dda9f1e20bc519bd58abd25ad817
-
Size
536KB
-
MD5
dcf1d09fadd3f5a019fe454bfb5421d4
-
SHA1
a9a16c7f7c1c5e6d30a5b18625874fae136a1ba3
-
SHA256
56d675b94ed40dcb422a2456ad30f60256b5dda9f1e20bc519bd58abd25ad817
-
SHA512
e4d90fae0d1017052c05b44da9e42c6f323e01aaf3f650e8ff07cb9d352766a70910d77f88ef1e509f0dc9e615caabbeedc430e16e79286145059bc219860509
-
SSDEEP
12288:PvwVa5L9B/S5cCo4GgKUX/QgIVlFMPxC15J:Xw4lXCo4JnclFixC15
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-