Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

8_sample.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8_sample.bin

  • Size

    29KB

  • Sample

    231013-s1xglsbb21

  • MD5

    441198e764d65901601e49920caaac31

  • SHA1

    4e9362c675097686a0a84147b16567fce402a78d

  • SHA256

    4793b892c2efde4b9c0253226c7c3ee3f96e0c30744a0bbde3dbdf4307353944

  • SHA512

    1829d3133d25c6fda1c927498b5ae0e2e3524e24959b31502cb2a9e1091d37d53a543f52de549c6daca4281ad08bff071a130f71c8f5166ce83b86b3d895d571

  • SSDEEP

    768:d5eDlBEtlGdTRyWHnoyKFSTxxIilCi6LhlGax:d6lB4l83HnTvNCi6LTGax

Score
10/10
originbotnetkeyloggerrattrojan

Malware Config

Extracted

Family

originbotnet

C2

https://joshua6440.nitrosoftwares.shop/gate

Attributes
  • add_startup

    false

  • download_folder_name

    jfede1fc.mke

  • hide_file_startup

    false

  • startup_directory_name

    MnNshND

  • startup_environment_name

    appdata

  • startup_installation_name

    MnNshND.exe

  • startup_registry_name

    MnNshND

  • user_agent

    Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0

Targets

    • Target

      8_sample.bin

    • Size

      29KB

    • MD5

      441198e764d65901601e49920caaac31

    • SHA1

      4e9362c675097686a0a84147b16567fce402a78d

    • SHA256

      4793b892c2efde4b9c0253226c7c3ee3f96e0c30744a0bbde3dbdf4307353944

    • SHA512

      1829d3133d25c6fda1c927498b5ae0e2e3524e24959b31502cb2a9e1091d37d53a543f52de549c6daca4281ad08bff071a130f71c8f5166ce83b86b3d895d571

    • SSDEEP

      768:d5eDlBEtlGdTRyWHnoyKFSTxxIilCi6LhlGax:d6lB4l83HnTvNCi6LTGax

    Score
    10/10
    originbotnetkeyloggerrattrojan
    behavioral1

MITRE ATT&CK Matrix

Tasks