Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
90c945b94c8009ea59df1297db8d5109.bin
-
Size
249KB
-
Sample
230611-b15dsaha4v
-
MD5
c31e2ffe09d664abbe68d0eb3f3c94d1
-
SHA1
22b870d18ae43123007ef251b7d4ddd231449517
-
SHA256
aa69ace5f077d8fd16797bba28b120f88e6c3a438619eefd0daa71a8089ad06d
-
SHA512
edf85bb0bbcf110c4ee30b6d880c2bca462dd0c405b42af7f115f0a6c98b7dfefd4e07ae44e54c6aea4da6d7f429bdb573d1767dabb14a677a993dfd6e6eaf71
-
SSDEEP
6144:+x8e7PzN8MvXBsvpSMqAH0fbr1y6BSCDyiGTwVfmCcebk:+7N8UBsvpmAH0fH1yASDhT8U
Malware Config
Extracted
formbook
4.1
sn84
psptek.com
seshoo.com
dogwalknwoof.com
teamdaigle.com
mimzevents.com
algerimarket.com
rr251r55r.xyz
indialgbtq.com
huatongdk.com
couplecoaches.com
fleshlierwickerwork.com
ambito365.store
hoaified.com
shunsuikeji.com
uiomke.xyz
xn--12c4dfj4gtc.net
pika-moon.fun
breakingbarriersglobal.com
aqua-ammo.com
nmc380.top
Targets
-
-
Target
a7a67f0d8860da70cc96c8b72df93811f872175a4aa94230fa583ce2368f79b1.exe
-
Size
467KB
-
MD5
90c945b94c8009ea59df1297db8d5109
-
SHA1
98fed5f6fd694523fda30db36d7ab0b772d8d249
-
SHA256
a7a67f0d8860da70cc96c8b72df93811f872175a4aa94230fa583ce2368f79b1
-
SHA512
d0197eb133ea68a3d9260ac5f125a5562ee4ada3384fe6e7023b3921c68142615abdba32f151237f892f44f03df6b5531f3363ead081412b6e0290b665cebbaf
-
SSDEEP
6144:OYa67yrc7o9gJ1nlshx+GbxCmVKduVlNxrlM8/P+ayMHZY2PRl:OYAwga1lsT+Gh8uhxrlx/P+XCfZl
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-