General
Target: Setup.exe
Size: 455KB
Sample: 230208-p87qrsah27
MD5: 6b547d1da1d61dea80abd9bec8d2fd3e
SHA1: 6fc46301e375366a9c1349507ebb6ac705fa22cf
SHA256: c3b25b89a0523486ba5b6da256cebcaf4bc386c9ce5c38047a2b6efc054d2d51
SHA512: 3fe6168f0d8f1d8e379126d8f043794538fcc68ec9a564670d3624dc83aa12f08c08062acc4d94243e1b2b949aabb3ba1caea95de1418eccc9b333880ef87edb
SSDEEP: 12288:POO8GlbYax2Q2ceYFXphphgJviDyoZBXhd:LNBbhesjpGqhHxd
Static task: static1
Behavioral task: behavioral1
Sample: Setup.exe
Resource: win7-20220812-en
Malware Config
Extracted
vidar
2.4
408
-
profile_id
408
Targets
-
-
Target
Setup.exe
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-