General
-
Target
90c945b94c8009ea59df1297db8d5109.bin
-
Size
249KB
-
Sample
230611-b15dsaha4v
-
MD5
c31e2ffe09d664abbe68d0eb3f3c94d1
-
SHA1
22b870d18ae43123007ef251b7d4ddd231449517
-
SHA256
aa69ace5f077d8fd16797bba28b120f88e6c3a438619eefd0daa71a8089ad06d
-
SHA512
edf85bb0bbcf110c4ee30b6d880c2bca462dd0c405b42af7f115f0a6c98b7dfefd4e07ae44e54c6aea4da6d7f429bdb573d1767dabb14a677a993dfd6e6eaf71
-
SSDEEP
6144:+x8e7PzN8MvXBsvpSMqAH0fbr1y6BSCDyiGTwVfmCcebk:+7N8UBsvpmAH0fH1yASDhT8U
Static task
static1
Behavioral task
behavioral1
Sample
a7a67f0d8860da70cc96c8b72df93811f872175a4aa94230fa583ce2368f79b1.exe
Resource
win7-20230220-en
Malware Config
Extracted
formbook
4.1
sn84
Targets
-
-
Target
a7a67f0d8860da70cc96c8b72df93811f872175a4aa94230fa583ce2368f79b1.exe
-
Size
467KB
-
MD5
90c945b94c8009ea59df1297db8d5109
-
SHA1
98fed5f6fd694523fda30db36d7ab0b772d8d249
-
SHA256
a7a67f0d8860da70cc96c8b72df93811f872175a4aa94230fa583ce2368f79b1
-
SHA512
d0197eb133ea68a3d9260ac5f125a5562ee4ada3384fe6e7023b3921c68142615abdba32f151237f892f44f03df6b5531f3363ead081412b6e0290b665cebbaf
-
SSDEEP
6144:OYa67yrc7o9gJ1nlshx+GbxCmVKduVlNxrlM8/P+ayMHZY2PRl:OYAwga1lsT+Gh8uhxrlx/P+XCfZl
-
Formbook payload
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-