Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
69b78313535ef2b6dc89c71b8c389907e8a02cccb5d9fdee05833d69aac84c0fexe_JC.exe
-
Size
283KB
-
Sample
230805-mlxwyabe83
-
MD5
3ebc4be338c1302a6f6e0bd7b54fe53e
-
SHA1
815f0f48fa90603919cf33ba25f99cf0a4b9996d
-
SHA256
69b78313535ef2b6dc89c71b8c389907e8a02cccb5d9fdee05833d69aac84c0f
-
SHA512
fac2ca3553cbad3c1f875e725cc65b116298c8b730902c4b7a0c48fbd957015e38d7df332bfc54266215407ac7f0059046aabf176e08f4e9bc945926fbeb3944
-
SSDEEP
6144:/Ya6BoVt7aHVDMwNv7veEH06QgBQxj3yMu9LQs6QRVdk1g:/YTM7aBNv7vuIQ5yzaQu2
Static task
static1
Behavioral task
behavioral1
Sample
69b78313535ef2b6dc89c71b8c389907e8a02cccb5d9fdee05833d69aac84c0fexe_JC.exe
Resource
win7-20230712-en
Malware Config
Extracted
formbook
4.1
sn26
resenha10.bet
gulshan-rajput.com
xbus.tech
z813my.cfd
wlxzjlny.cfd
auntengotiempo.com
canada-reservation.com
thegiftcompany.shop
esthersilveirapropiedades.com
1wapws.top
ymjblnvo.cfd
termokimik.net
kushiro-artist-school.com
bmmboo.com
caceresconstructionservices.com
kentuckywalkabout.com
bringyourcart.com
miamiwinetour.com
bobcatsocial.site
thirdmind.network
4tbbwa.com
rhinosecurellc.net
rdparadise.com
radpm.xyz
thewhiteorchidspa.com
clhynfco.cfd
ngohcvja.cfd
woodennickelcandles.com
gg18rb.cfd
qcdrxwr.cfd
974dp.com
lagardere-vivendi-corp.net
chestnutmaretraining.com
seosjekk.online
ahevrlh.xyz
uedam.xyz
natrada.love
yoywvfw.top
unifiedtradingjapan.com
chinakaldi.com
agenciacolmeiadigital.com
wdlzzfkc.cfd
097850.com
xingcansy.com
uahrbqtj.cfd
charliehaywood.com
witheres.shop
sqiyvdrx.cfd
biopfizer.com
tiktokviewer.com
prftwgmw.cfd
sfsdnwpf.cfd
linkboladewahub.xyz
orvados.com
goodshepherdopcesva.com
christianlovewv.com
cdicontrols.com
hawskio26.click
ownlegalhelp.com
tiydmdzp.cfd
ppirr.biz
stonyatrick.com
itsamazingbarley.com
msjbaddf.cfd
zachmahl.com
Targets
-
-
Target
69b78313535ef2b6dc89c71b8c389907e8a02cccb5d9fdee05833d69aac84c0fexe_JC.exe
-
Size
283KB
-
MD5
3ebc4be338c1302a6f6e0bd7b54fe53e
-
SHA1
815f0f48fa90603919cf33ba25f99cf0a4b9996d
-
SHA256
69b78313535ef2b6dc89c71b8c389907e8a02cccb5d9fdee05833d69aac84c0f
-
SHA512
fac2ca3553cbad3c1f875e725cc65b116298c8b730902c4b7a0c48fbd957015e38d7df332bfc54266215407ac7f0059046aabf176e08f4e9bc945926fbeb3944
-
SSDEEP
6144:/Ya6BoVt7aHVDMwNv7veEH06QgBQxj3yMu9LQs6QRVdk1g:/YTM7aBNv7vuIQ5yzaQu2
-
Formbook payload
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-