General
Target: 007cf7cd35590b537a42ec752e75d64bf6f37315018023c6fbc63ab77560bc45
Size: 2.5MB
Sample: 231013-epdcpsfc87
MD5: 63ccd2218ba9abe0d8fb48d03343854b
SHA1: 094179e09568ee5b5316d7c70c4073bc99bd1127
SHA256: 007cf7cd35590b537a42ec752e75d64bf6f37315018023c6fbc63ab77560bc45
SHA512: 56d4973ba358df996fa17adc2c6eca8c8b04bab3c45ee3f5df77fd4f7e11a88941bd759dea6126b85e85362a08d5f4ff8a904512618ffacf5314727424eb11c5
SSDEEP: 49152:CL2s5FXQ4EmojLjCRELVf7Avil+dHIsLp1thIikN+6u2hs7:CpzX71oDCRAZUviAHImDqia7hs7
Static task: static1
Behavioral task: behavioral1
Sample: 007cf7cd35590b537a42ec752e75d64bf6f37315018023c6fbc63ab77560bc45.exe
Resource: win7-20230831-en
Malware Config
Extracted
stealc
http://aidandylan.top
url_path: /3886d2276f6914c4.php
Targets
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system. Looks up Uninstall key entries in the registry to enumerate software on the system.