Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Loader.exe
-
Size
81.0MB
-
Sample
230922-q5nn6agd21
-
MD5
157b41ce7e540bf79ef5c041d709e0b3
-
SHA1
f2735168b5ecef8db52a086b52d8d675c5645950
-
SHA256
0bbd8739b38dac925b15fdcfa9ed19ba8d9b07829121f68ba92852d15b5904a9
-
SHA512
9d4e6eea32b73f06f5bab4f5f91f24cd8710473653bb676424dc6bd60845a87b667e009ff1d8b069c992f82d2ba78ac617e3dc566a6822dc57e1da9225b50200
-
SSDEEP
1572864:0Qt6PBr27ZS1ril7h9rW1LrKiqm2T17nD0Cwu5Q/KZYlctoka4ArnjoPHGW:0dhEZSBM7h9QLfqmY1Di9SQctWTjoPGW
Malware Config
Targets
-
-
Target
Loader.exe
-
Size
81.0MB
-
MD5
157b41ce7e540bf79ef5c041d709e0b3
-
SHA1
f2735168b5ecef8db52a086b52d8d675c5645950
-
SHA256
0bbd8739b38dac925b15fdcfa9ed19ba8d9b07829121f68ba92852d15b5904a9
-
SHA512
9d4e6eea32b73f06f5bab4f5f91f24cd8710473653bb676424dc6bd60845a87b667e009ff1d8b069c992f82d2ba78ac617e3dc566a6822dc57e1da9225b50200
-
SSDEEP
1572864:0Qt6PBr27ZS1ril7h9rW1LrKiqm2T17nD0Cwu5Q/KZYlctoka4ArnjoPHGW:0dhEZSBM7h9QLfqmY1Di9SQctWTjoPGW
Score7/10-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
-
-
Target
main.pyc
-
Size
22KB
-
MD5
a17affd3f59277f6d701782b09ecc90f
-
SHA1
6ab4597452853988450b4f1ab280d272f01d2392
-
SHA256
4575fa03991f8899b49c357b5699c9b4cd48b93f9e8495d02c3010c2c0ee196b
-
SHA512
dcc1b0d30f07c69cb3d95882338bb102188ba031a87d7e9286db9d6e9a1d4a9bacd4c4e03f4967656b08dbdf0bef71f2f76e075f8bc7a9f76505848f9c9d99c2
-
SSDEEP
384:6ChogG/YRhh7hiPThB9IZ+FJW2pLX0rzr80paZeGFm4SMYR2zLEwhw1MMf5Ly68N:6yMCeOf8waoGFuM7Lw1w69u
Score3/10 -