General
Target: a8fae326658ce7fb7aa5a3127ee35cb6.exe
Size: 558KB
Sample: 230102-jqzdsagg91
MD5: a8fae326658ce7fb7aa5a3127ee35cb6
SHA1: 6559e08cc97a2ff9bba6906a885307378aad5c03
SHA256: 44dceefb44c2ff756c3d9093b69b76dba826ecb55ff6279fe0e519585a6fa342
SHA512: 8c272f59e0a8de46275e43cfe7b3e2a3d226f78b77e4102775d3b58cd82cce9a355e9935939275a1f6b80784c09958cacf1b47f2984ae971c81d9a45e50c3f8d
SSDEEP: 12288:P9SS0V7xIyeP9I1mKpDPhe950yvCfXU2euRrAMIWmA0lq:1SS0VCFI1n9EnCMB0rpGV
Static task: static1
Behavioral task: behavioral1
Sample: a8fae326658ce7fb7aa5a3127ee35cb6.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: a8fae326658ce7fb7aa5a3127ee35cb6.exe
Resource: win10v2004-20221111-en
Malware Config
Extracted
matiex
Protocol: smtp
Host: mail.zavidovici.ba
Port: 587
Username: [email protected]
Password: 12Opc21!
Targets
Target: a8fae326658ce7fb7aa5a3127ee35cb6.exe
Size: 558KB
Score: 10/10
- Matiex Main payload
- Accesses Microsoft Outlook profiles
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext