Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0c328b00fd4cad09fafcacfb8fa6d5c4d93368a4f4d5447761750277dc008282
-
Size
1012KB
-
Sample
221128-w19zgsfc88
-
MD5
8807ef7bf3e5259c6ce9cb1eb168c77b
-
SHA1
d44898854fbacacba34f064d57c4fa88223a6747
-
SHA256
0c328b00fd4cad09fafcacfb8fa6d5c4d93368a4f4d5447761750277dc008282
-
SHA512
756ce8d1db71e0c15c77521357b631f7ad7e79b465b3d34c9c9e7bc5d57404740c07bc0db9fea29d5b0e6131f23e41ffa9531c5e902bd8a5e611743fb74d5b66
-
SSDEEP
24576:Q6gh1zkTrXaiSjhbEngC8v48ZKSUL3hxG1K0gDzfTvTB0UJk4u4Qz5/CmWLX7U:rQniSjhbEgCcZKpdv9VW40zVUL
Behavioral task
behavioral1
Sample
0c328b00fd4cad09fafcacfb8fa6d5c4d93368a4f4d5447761750277dc008282.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
0c328b00fd4cad09fafcacfb8fa6d5c4d93368a4f4d5447761750277dc008282.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
0c328b00fd4cad09fafcacfb8fa6d5c4d93368a4f4d5447761750277dc008282
-
Size
1012KB
-
MD5
8807ef7bf3e5259c6ce9cb1eb168c77b
-
SHA1
d44898854fbacacba34f064d57c4fa88223a6747
-
SHA256
0c328b00fd4cad09fafcacfb8fa6d5c4d93368a4f4d5447761750277dc008282
-
SHA512
756ce8d1db71e0c15c77521357b631f7ad7e79b465b3d34c9c9e7bc5d57404740c07bc0db9fea29d5b0e6131f23e41ffa9531c5e902bd8a5e611743fb74d5b66
-
SSDEEP
24576:Q6gh1zkTrXaiSjhbEngC8v48ZKSUL3hxG1K0gDzfTvTB0UJk4u4Qz5/CmWLX7U:rQniSjhbEgCcZKpdv9VW40zVUL
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-