General
-
Target
d7522af8f62b472e0fd325102ec12624.exe
-
Size
1.0MB
-
Sample
221223-e6542sba5t
-
MD5
d7522af8f62b472e0fd325102ec12624
-
SHA1
04470c6f012a16ada80839931be700ee4421e8d0
-
SHA256
6a8b8d64cdbdd6d21a4c56e47929c8dee133615149ef899342842fbbe910c2fa
-
SHA512
0b53d1660aed71d912d418522f43d526ba1c4556900805e9ab50e096282621163bcff6e3de7e2a2e0e9a1cff6a7143cedb0a4df8a2216cc704441b6a9fb05db7
-
SSDEEP
12288:LZ+2iN1/Sr+pYH8c+9eG8zYJDkrL+oQ1+vJoKWFcVBYt+zAf+mDXttarruVBDUJ1:A1e+YH80G8zYJDkrLTQ8qKWFQ3zp
Static task
static1
Behavioral task
behavioral1
Sample
d7522af8f62b472e0fd325102ec12624.exe
Resource
win7-20221111-en
Malware Config
Extracted
formbook
4.1
b47h
Targets
-
-
Target
d7522af8f62b472e0fd325102ec12624.exe
-
Formbook payload
-
Suspicious use of SetThreadContext
-