Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d20008051ebd536e50d34dcc4e718804.exe
-
Size
4.1MB
-
Sample
230309-ek72hshd21
-
MD5
d20008051ebd536e50d34dcc4e718804
-
SHA1
d1026c5402523e2ce23a7b7855ce2b2d36d8316a
-
SHA256
844b92d102379990f96dd712b1eb2ade90bee0412333a11a74f77723ff4f91f9
-
SHA512
c98bf8f92f98920f8b6f8961d7b1c136e8159aaf43ee5716337b5b66d69da483b8d207df2ff360ff981203c08369c8d13272bc73f7dfb60fc8dd0c10640b85fc
-
SSDEEP
98304:ShSlPgpqvGXI30baIvyatgFiw/+TMmoiN3cwbMtnb5hJ7iPDi7Og:Sh7pqvqvwUwYpNMwbeb5hSDi7O
Malware Config
Targets
-
-
Target
d20008051ebd536e50d34dcc4e718804.exe
-
Size
4.1MB
-
MD5
d20008051ebd536e50d34dcc4e718804
-
SHA1
d1026c5402523e2ce23a7b7855ce2b2d36d8316a
-
SHA256
844b92d102379990f96dd712b1eb2ade90bee0412333a11a74f77723ff4f91f9
-
SHA512
c98bf8f92f98920f8b6f8961d7b1c136e8159aaf43ee5716337b5b66d69da483b8d207df2ff360ff981203c08369c8d13272bc73f7dfb60fc8dd0c10640b85fc
-
SSDEEP
98304:ShSlPgpqvGXI30baIvyatgFiw/+TMmoiN3cwbMtnb5hJ7iPDi7Og:Sh7pqvqvwUwYpNMwbeb5hSDi7O
Score10/10-
PrivateLoader
PrivateLoader is a downloader sold as a pay-per-install malware distribution service.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-