General
Target: PRE ALERT KUL-BKI PNUE00951848 4511679901 Maritime n Industrial AE 455681 264-43349902 N7351 20 NOV - DDP TERMS.exe
Size: 737KB
Sample: 230331-mpdmgahc88
MD5: 5a31e71dbdb0b31c5af2b1c1c32936ce
SHA1: aecf6320581856198779afec0c1e816961e9757d
SHA256: 2358f255cb8390a108fca6934209b56e8f72eb08dbb3708431c449fffe8338e5
SHA512: 0bd1fc5ded778006ebbc2d6e9288dd5665b26bebb209d7ba40e8a08aa8c36eda35ef227b39958b493f06a06ddbea477b571332b2dd86c67c0806d71bf128341b
SSDEEP: 12288:A79xzQKbXOJz0XXLyw+5iCxJ2rvvLTr8aSVd1Jkx1r7HrcFxJ+O2NimOMt+:lfz0HAiCubvLTar1Jkx1r7HrcFmO2NiQ
Static task
static1
Behavioral task
behavioral1
Sample
PRE ALERT KUL-BKI PNUE00951848 4511679901 Maritime n Industrial AE 455681 264-43349902 N7351 20 NOV - DDP TERMS.exe
Resource
win7-20230220-en
Malware Config
Extracted
formbook
4.1
c29i
Targets
Target
PRE ALERT KUL-BKI PNUE00951848 4511679901 Maritime n Industrial AE 455681 264-43349902 N7351 20 NOV - DDP TERMS.exe
Formbook payload
Suspicious use of SetThreadContext