General
Target: SecuriteInfo.com.Win32.CrypterX-gen.3242.29307.exe
Size: 821KB
Sample: 221129-p2cbaadc5y
MD5: b5f2d1eba706497a0a41ddb7c0678822
SHA1: 0ec664c8cd01502324e6e7520dc1f216d0137e7e
SHA256: 7f6d1ee758a413994522bf65d9f28cca2ad50ff68c053dff75ba1ec4e62d2317
SHA512: 5d0f348f472fd32af32c9466a507184fc14c8dac0b7bd66ec1830fd5a7f7561f472e8016935395671f60bbc9ab68048cc4519e0bafe5b17abffbbdd8155d0c63
SSDEEP: 12288:5ViqU+uKhmzScd6bcDxKRBfdZiSqvzfvRHx2BszOqn6bQNfbDdzoa1cfN:vBhmzScg4ARBfdZizTJRtzOq0mDdEPf
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Win32.CrypterX-gen.3242.29307.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Win32.CrypterX-gen.3242.29307.exe
Resource: win10v2004-20220901-en
Malware Config
Extracted
lokibot
http://171.22.30.147/line/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
SecuriteInfo.com.Win32.CrypterX-gen.3242.29307.exe
Score: 10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext