Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ade04d8a75cdd78300fb20b8f7f1877700e800486c18398605e430238e771389
-
Size
442KB
-
Sample
230817-tbg63acb4t
-
MD5
483b7dc5b76cab882f2f50be0c9cf674
-
SHA1
68b36ad0850a7ed326f4610e184410120f56d5a5
-
SHA256
ade04d8a75cdd78300fb20b8f7f1877700e800486c18398605e430238e771389
-
SHA512
817df7c122e8eed9faa0c3d9c96f104a4c355a860e4a34f2bf2d7187b0dc41805c610420f6ba96cf923436396e5a63a2cd492da5e347a880b04584bbefb12aa4
-
SSDEEP
6144:AqicncwMi6X5Zf9cH7ReZBwDL4/fKkPHqtRsUa068CCp5jAJG2JI6fmMHgLmQh:AqTcwmVO9eqL4xKrXaX8JZAg6xumq
Malware Config
Targets
-
-
Target
ade04d8a75cdd78300fb20b8f7f1877700e800486c18398605e430238e771389
-
Size
442KB
-
MD5
483b7dc5b76cab882f2f50be0c9cf674
-
SHA1
68b36ad0850a7ed326f4610e184410120f56d5a5
-
SHA256
ade04d8a75cdd78300fb20b8f7f1877700e800486c18398605e430238e771389
-
SHA512
817df7c122e8eed9faa0c3d9c96f104a4c355a860e4a34f2bf2d7187b0dc41805c610420f6ba96cf923436396e5a63a2cd492da5e347a880b04584bbefb12aa4
-
SSDEEP
6144:AqicncwMi6X5Zf9cH7ReZBwDL4/fKkPHqtRsUa068CCp5jAJG2JI6fmMHgLmQh:AqTcwmVO9eqL4xKrXaX8JZAg6xumq
Score1/10 -
-
-
Target
New Order.exe
-
Size
889KB
-
MD5
9cf6063608f250626f2834856396092c
-
SHA1
98371d8f9c1002fb0f916c99649bea2ce6cae1b3
-
SHA256
c9e9c0c331d38ad123557f095bf0eb4ee4e11d00a6b39e923a33e18102f91d4f
-
SHA512
fc81ee5bcd34dc55ad161ac8dbf4afb1cdd54affab694b4c39f0a2d088ed1e529ba001fa4199278054c5efc349edb404bcd18eb79a1921defc7e4746c9d2b842
-
SSDEEP
12288:dHsLMTTxTdyFOILC3KrXwX8dZAg6jumsMT:dHQGdVIO3cXwMzAPi3
Score7/10-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of SetThreadContext
-