General
-
Target
724ad0f724d2aba12940a1eeeede2980.exe
-
Size
367KB
-
Sample
230419-bhs8sshb5z
-
MD5
724ad0f724d2aba12940a1eeeede2980
-
SHA1
7c78985a6a73aabf2dc2dbbe4ef8f39f35f69c00
-
SHA256
8d108254a8f52c795d01e4fa87ac70437873d1073e38c179716e5fa40816b82f
-
SHA512
685041a0540ee78483811d31cae0807e8ed5e935557aa0f4d95b4f4a86ec2c68acd0925fe7245f61b0a5e978e29c036fa9d1cf873e56e9d7bcc98c8a5d6d7c6d
-
SSDEEP
6144:7Ya6E9UJPbOrLRGNr8dPXw+kaBBIHtDhA7XbX5PGwhwtWT732fz0YThqHVTH6HuX:7Yq9UJzOa8w+kImHPm1LT73270FHHM78
Static task
static1
Behavioral task
behavioral1
Sample
724ad0f724d2aba12940a1eeeede2980.exe
Resource
win7-20230220-en
Malware Config
Extracted
formbook
4.1
htqs
Targets
-
-
Target
724ad0f724d2aba12940a1eeeede2980.exe
-
Formbook payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-