Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
BANK DETAILS.exe
-
Size
705KB
-
Sample
230130-k1lq4shg87
-
MD5
55f04c65cd12678fd9ee597292ad3f2e
-
SHA1
f16c462cf89ccc62990236f2f38ed050cfea10a3
-
SHA256
70e8f9910b4a3afd82774cee39e7b51c8f1d2fb5deadd64c017e35a69fec158d
-
SHA512
63a38e6b3c2710eaa94c659c254155f8bcec2ebd176b4ed7c6babaedab9797d9bd472dbcc5288efedce38525098b445fde8e02043c0b7e29350e41f02d412c58
-
SSDEEP
12288:6xEOxdue2+aXw2iNUdrb7d3Goqx2Hrmzgk9vNhEpWw3ukkzV4g0K2/X+oNa:6xEO72tw1GFbRWwqcW2pV+LxP
Static task
static1
Behavioral task
behavioral1
Sample
BANK DETAILS.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
BANK DETAILS.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
lokibot
http://171.22.30.147/prime2/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
BANK DETAILS.exe
-
Size
705KB
-
MD5
55f04c65cd12678fd9ee597292ad3f2e
-
SHA1
f16c462cf89ccc62990236f2f38ed050cfea10a3
-
SHA256
70e8f9910b4a3afd82774cee39e7b51c8f1d2fb5deadd64c017e35a69fec158d
-
SHA512
63a38e6b3c2710eaa94c659c254155f8bcec2ebd176b4ed7c6babaedab9797d9bd472dbcc5288efedce38525098b445fde8e02043c0b7e29350e41f02d412c58
-
SSDEEP
12288:6xEOxdue2+aXw2iNUdrb7d3Goqx2Hrmzgk9vNhEpWw3ukkzV4g0K2/X+oNa:6xEO72tw1GFbRWwqcW2pV+LxP
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-