Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
f26c64f64ddc778dbb2a43610108900f160cb599b91a211c1c8105d4a7757493
-
Size
951KB
-
Sample
230416-vrfhvaaf94
-
MD5
b9e06bf0bb584793b841aff9a07d37f5
-
SHA1
51c9f7dbbc4135d85282b552a32d8b58cda52fa4
-
SHA256
f26c64f64ddc778dbb2a43610108900f160cb599b91a211c1c8105d4a7757493
-
SHA512
32a17b6da0e9236a031b488c8fd4b9628157e8188caf4fcf0251398477a8fb91e393351482445c02957c43e39b676f0ab4e54ae747c828ece4bb3c19358ad9c4
-
SSDEEP
24576:qyEK5xUIHq08B72S1vCbYQd+Dion8Lq0:xEK5bHlybqbYWGio8Lq
Malware Config
Targets
-
-
Target
f26c64f64ddc778dbb2a43610108900f160cb599b91a211c1c8105d4a7757493
-
Size
951KB
-
MD5
b9e06bf0bb584793b841aff9a07d37f5
-
SHA1
51c9f7dbbc4135d85282b552a32d8b58cda52fa4
-
SHA256
f26c64f64ddc778dbb2a43610108900f160cb599b91a211c1c8105d4a7757493
-
SHA512
32a17b6da0e9236a031b488c8fd4b9628157e8188caf4fcf0251398477a8fb91e393351482445c02957c43e39b676f0ab4e54ae747c828ece4bb3c19358ad9c4
-
SSDEEP
24576:qyEK5xUIHq08B72S1vCbYQd+Dion8Lq0:xEK5bHlybqbYWGio8Lq
Score10/10-
Amadey
Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.
-
Modifies Windows Defender Real-time Protection settings
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Windows security modification
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-