General
Target: FedEx Receipt_AWB#530532320463143.exe
Size: 480KB
Sample: 230510-ftks1sgc5w
MD5: 383763d02b0bfdbfd9e26d2416b3aa13
SHA1: 813be123bd83f8ce5ec43c1777b5a08d237c417a
SHA256: c8e8f7f75e522acef9134c34a0d74ad0f3e7c52d28aeb890823e506f7bd71597
SHA512: 8b2d7664776723ee53cee3ae31c96418c00ffe10e11cd30cdf3ef9a2267a3353b25206eef8a76893bfe5912d9e518ec5e6a346f5a548b0326419788290f6d41a
SSDEEP: 12288:hU4JJTDLDlY6XR+P9zEBOrBq92O6YrcY/t:hLrTX/kBEB8O6YrN/
Static task: static1
Behavioral task: behavioral1
Sample: FedEx Receipt_AWB#530532320463143.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: FedEx Receipt_AWB#530532320463143.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
lokibot
http://104.156.227.195/~blog/?p=8487516010
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: FedEx Receipt_AWB#530532320463143.exe
Score: 10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext