General
Target: WinRAR
Size: 7.5MB
Sample: 230918-lpbmfagd9w
MD5: 594b89043f7f46da2e009ef65088f456
SHA1: f09204613c16f11eb6b9b540bb5c9fb2bb5b9802
SHA256: 8a597a8e9860ac2acab782024cb920c47538d1cb9d8aefb37ac8404975197e2a
SHA512: 0fcb7f74866a1aefae076d47a7b5c5caa65eb96b62d812c43efaf263adb4cd73f00673e27404b08c2d7e44c5ca8820e19bd25ca14e72e8fe7e4db473ae082430
SSDEEP: 98304:Jwe+eYgI6OshoKyDvuIYc5AhV+gEc4kZvRLoI0EJfNA3z5UTbUv9JTSPhlVtQo1J:JFYmOshoKMuIkhVastRL5Di3tKoSPJh
Malware Config
Targets
Target: WinRAR
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.