General
-
Target
b2d05e58073e088f181baa61fc942c16ef211489d3aaa264426694e0df8d59d9
-
Size
1.3MB
-
Sample
221129-rymzqaca2z
-
MD5
b38588a602da8a39add4afefd91395ce
-
SHA1
b4e21251343717dba9b271aceaefcb2f5f2188da
-
SHA256
b2d05e58073e088f181baa61fc942c16ef211489d3aaa264426694e0df8d59d9
-
SHA512
621b00b447b29ae009eaedc3c3d268cf4e82770baa6f8347656b6f7dc2cca4b97bcbfa06f2c1873bc713b1a45a7ae8f12bb348673ac1dedd3d438c5cef16e960
-
SSDEEP
24576:KaHMv6Corjqny/Q543dhZkDe0Jq34cRLUFLNGMVyH2ah6:K1vqjd/Q583gRgIcNUFsMyHY
Static task
static1
Behavioral task
behavioral1
Sample
b2d05e58073e088f181baa61fc942c16ef211489d3aaa264426694e0df8d59d9.exe
Resource
win7-20220901-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
Target
b2d05e58073e088f181baa61fc942c16ef211489d3aaa264426694e0df8d59d9
-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer, written in Visual Basic.
-
ISR Stealer payload
-
Modifies firewall policy service
-
Suspicious use of SetThreadContext
-