Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
980c09040af5ab467b0e902c8097cb83.exe
-
Size
420KB
-
Sample
230106-l3dc7aff75
-
MD5
980c09040af5ab467b0e902c8097cb83
-
SHA1
efbd7fcfc5bac7aee07b2715c492ff71df54ce48
-
SHA256
843c93a950a42ce6ccdd4debb3b505ee31a696637c523aa3cde37876a940d1d1
-
SHA512
d1524131c82bac5e4fc6232963694d5c2944fd1ad52d7c394fac449c44f498f474d130217ec94a84514897cba02060207b564c640e056c85536356896f1e14c8
-
SSDEEP
6144:oYa6eYODUglfIPtpIGAmRCXODtbOy0FD5GHfE7pV5gK8noo:oYdpIGAmMe5SyYtGHiuK81
Malware Config
Extracted
formbook
4.1
vr84
intouchenergy.co.uk
lalumalkaliram.com
hillgreenholidays.co.uk
fluentliteracy.com
buildingworkerpower.com
by23577.com
gate-ch375019.online
jayess-decor.com
larkslife.com
swsnacks.co.uk
bigturtletiny.com
egggge.xyz
olastore.africa
lightshowsnewengland.com
daily-lox.com
empireoba.com
91302events.com
lawrencecountyfirechiefs.com
abrahamslibrary.com
cleaner365.online
Targets
-
-
Target
980c09040af5ab467b0e902c8097cb83.exe
-
Size
420KB
-
MD5
980c09040af5ab467b0e902c8097cb83
-
SHA1
efbd7fcfc5bac7aee07b2715c492ff71df54ce48
-
SHA256
843c93a950a42ce6ccdd4debb3b505ee31a696637c523aa3cde37876a940d1d1
-
SHA512
d1524131c82bac5e4fc6232963694d5c2944fd1ad52d7c394fac449c44f498f474d130217ec94a84514897cba02060207b564c640e056c85536356896f1e14c8
-
SSDEEP
6144:oYa6eYODUglfIPtpIGAmRCXODtbOy0FD5GHfE7pV5gK8noo:oYdpIGAmMe5SyYtGHiuK81
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-