General

  • Target

    ExLoader_Installer.exe

  • Size

    19.0MB

  • Sample

    230929-26wlyage45

  • MD5

    eb4545711587d5d2371785a0fc31fa13

  • SHA1

    efff50b0ed9870eb7f6886727c92de259c5fcbbc

  • SHA256

    7fb63fd8ed79d0b1658d9ceb36347d911fcb381530d297c75bc6431c8f600176

  • SHA512

    7a029f99e6faa2eff31db776ad7c18888a2ab27d4fe93ffdae94f90ece187e369cbd7fc2180e0e69f99df9f54f206fc4d83edbf07b73e9a9414bbb45b68641f4

  • SSDEEP

    393216:QXOZwmnD4T1mS3K35CJsVpTeBPVOECFsu2yVTcntWXD4:xXDi1l8DpSBPVFksaTLD4

Score
7/10

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
