General
Target: c8235cf09120c1bf9a5c6caf885c1784178e4c30e9eef2d274902b32e0fc265a
Size: 389KB
Sample: 221203-qlr78sgg2s
MD5: eae6b37b6242cdeba60fd04f4d09dc8b
SHA1: 2a487a88a9a8f3663ed0f2a5d562af424b7bff21
SHA256: c8235cf09120c1bf9a5c6caf885c1784178e4c30e9eef2d274902b32e0fc265a
SHA512: 76a69134b147535e88a7b58f59cd19efa0711f64181b0b0feff657ba993a2e33c4084ed6cd4728646403f4c7762afe47b4b031ddd0fb47085c27f859393e7c3d
SSDEEP: 6144:XEk6v38qdv4A9sE2bLutpL9v++JQegpbtKHWIhQFLfjWUkgd2d2NTAreVRcNoO:XEJ8qdgAIuwY/mcQxfjWUPFNcr0J
Static task: static1
Behavioral task: behavioral1
Sample: c8235cf09120c1bf9a5c6caf885c1784178e4c30e9eef2d274902b32e0fc265a.exe
Resource: win7-20220812-en
Malware Config
Extracted
darkcomet
Guest16
nicksrat.no-ip.biz:1604
DC_MUTEX-H7FLLF9
gencode: t4wBhiJiyE7T
install: false
offline_keylogger: true
persistence: false
Targets
Target: c8235cf09120c1bf9a5c6caf885c1784178e4c30e9eef2d274902b32e0fc265a
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application
- Suspicious use of SetThreadContext