Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
FedEx_AWB#725323201643.exe
-
Size
446KB
-
Sample
230815-pxx27acf7s
-
MD5
255f19c4ccdc14e35b44074ffc8e5607
-
SHA1
2a694b6ca0e8c00a09eab590a45964cc301a4b75
-
SHA256
9ee5d34b5de79e79f492e962d73fb45d7eb63d6b5f146e29a1a27a7bcb6c9a14
-
SHA512
73a749978219906d58b5e3b7740e86c91d1aa073f00b281787667c1d042fe5f37b609549d8b7eb730d391513f16dd5b3375bf083a76bc3194015cc48353d6482
-
SSDEEP
12288:KPV/OR9skrZfEgQq02Bs8RgIrQrDT1l+B/JMdWf8QT:/3vr2202+82I8rtaBM4f8
Static task
static1
Behavioral task
behavioral1
Sample
FedEx_AWB#725323201643.exe
Resource
win7-20230712-en
Malware Config
Extracted
lokibot
http://216.128.145.196/~wellseconds/?p=66663842554017
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
FedEx_AWB#725323201643.exe
-
Size
446KB
-
MD5
255f19c4ccdc14e35b44074ffc8e5607
-
SHA1
2a694b6ca0e8c00a09eab590a45964cc301a4b75
-
SHA256
9ee5d34b5de79e79f492e962d73fb45d7eb63d6b5f146e29a1a27a7bcb6c9a14
-
SHA512
73a749978219906d58b5e3b7740e86c91d1aa073f00b281787667c1d042fe5f37b609549d8b7eb730d391513f16dd5b3375bf083a76bc3194015cc48353d6482
-
SSDEEP
12288:KPV/OR9skrZfEgQq02Bs8RgIrQrDT1l+B/JMdWf8QT:/3vr2202+82I8rtaBM4f8
-
Suspicious use of SetThreadContext
-