Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ad756688fd4a1fbe4edb0f982213818544f4b962d50543a85e6ba8da88be9a60
-
Size
970KB
-
Sample
221201-yazryagg41
-
MD5
888e2ff3d438e24c124f34ee8de2052e
-
SHA1
a873698e0f13d70bfaf4b8b7021d3dca48302b2a
-
SHA256
ad756688fd4a1fbe4edb0f982213818544f4b962d50543a85e6ba8da88be9a60
-
SHA512
1283a679c6ee1b872b8b600c928846923707623ca8489143b50c6aa2f25cf5d0aa51c400c1d8264d044cb47fa500b46240da3c394d739ca2fb5ee4932e5c2a75
-
SSDEEP
24576:obbVYk0jqnKXkecg7Xocte+7snYdXwZwj:obbwzUsrGWj
Static task
static1
Behavioral task
behavioral1
Sample
ad756688fd4a1fbe4edb0f982213818544f4b962d50543a85e6ba8da88be9a60.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
ad756688fd4a1fbe4edb0f982213818544f4b962d50543a85e6ba8da88be9a60.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
darkcomet
DC
WalruusHOST.NO-IP.biz:200
DC_MUTEX-0HZFGFD
-
gencode
pynuhxnShyEp
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
ad756688fd4a1fbe4edb0f982213818544f4b962d50543a85e6ba8da88be9a60
-
Size
970KB
-
MD5
888e2ff3d438e24c124f34ee8de2052e
-
SHA1
a873698e0f13d70bfaf4b8b7021d3dca48302b2a
-
SHA256
ad756688fd4a1fbe4edb0f982213818544f4b962d50543a85e6ba8da88be9a60
-
SHA512
1283a679c6ee1b872b8b600c928846923707623ca8489143b50c6aa2f25cf5d0aa51c400c1d8264d044cb47fa500b46240da3c394d739ca2fb5ee4932e5c2a75
-
SSDEEP
24576:obbVYk0jqnKXkecg7Xocte+7snYdXwZwj:obbwzUsrGWj
Score10/10-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-