General
Target: 53640549adeafc14bff28e22e.exe
Size: 750KB
Sample: 230704-pxmw8ach65
MD5: 53640549adeafc14bff28e22e378b681
SHA1: c46173128148a0fb90c7aa67553068035edc8d04
SHA256: f8be822eb877bfb50b6d04449004f9778ed732b877c4f2975313b8559cf6e842
SHA512: 0c74669ac5fcc63f0579acd7a377bf286e5bb3b5e574efbc14e541471c87b46d88bc6e76e2bd974223a079944acda0a7a7f7ca829f2e2e8de0a88acc9653ff24
SSDEEP: 12288:VS/nqdGGwe4kVt7eKS9HvO1WVZ08yDgG:cSwGwNZKMeX
Static task: static1
Behavioral task: behavioral1
Sample: 53640549adeafc14bff28e22e.exe
Resource: win7-20230703-en
Malware Config
Extracted
stealc
http://45.150.65.128/bcbdd35a8286b150.php
Targets
Target: 53640549adeafc14bff28e22e.exe
- Detects Stealc stealer
- Looks for VirtualBox Guest Additions in registry
- Looks for VMWare Tools registry key
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext