Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

docyo20230907.exe

windows7-x64

10

docyo20230907.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    docyo20230907.zip

  • Size

    622KB

  • Sample

    231014-mxa7baef62

  • MD5

    139c080410b21352f1b26d0635a3f1be

  • SHA1

    5fabd68d90e0cae11a7df310eeb580752fbcd52a

  • SHA256

    d3883ab2fd81c7fc8acf2d918e5fc54b94e8062e96ac2949cd4d483627d74e9c

  • SHA512

    3ac82defceae0902a2607bd9f5cad9d3b2d4070443bb5b401282cd315a594b2a2ae796d7d96bbe8fe96ce97bafa674783f9bad38eb30dc886c45b6c75847b107

  • SSDEEP

    12288:bx8ckewnZ5BgUaXnKYnGQXHxfFMuybYABeVuyOsIZwsYIE7:bxNkesABHPXHxfFibxQVO1ZwsYb

Score
10/10
originbotnetkeyloggerrattrojan

Malware Config

Extracted

Family

originbotnet

C2

https://nitrosoftwares.shop/gate

Attributes
  • add_startup

    false

  • download_folder_name

    kzjfo5t0.k2j

  • hide_file_startup

    false

  • startup_directory_name

    IrIPdj

  • startup_environment_name

    appdata

  • startup_installation_name

    IrIPdj.exe

  • startup_registry_name

    IrIPdj

  • user_agent

    Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0

Targets

    • Target

      docyo20230907.exe

    • Size

      400.0MB

    • MD5

      b6f02ae0143522913a83bce1dff78d8b

    • SHA1

      94d3eabd29cdca3fecd7bc73b05411a5289c6f8a

    • SHA256

      998e4dba4672aadfded633d9f4f728d640a563ead01145b00a7e67aad2f04f91

    • SHA512

      8ad67fe29c257eb806536ef193974569d3610171ff11aab3ef28d72b7c5076d5394236158bd1910993693aa4dccbaa304d9c0e937e148ae7b44dbed05e30e2f3

    • SSDEEP

      3072:EZa0OuzXxW/hAPGgHnVT2yB116xFHy8FlDQhXFCyxcxNs6jA0NO1y6jw03LQ0yRT:EA0OqaA7y2YxM8FlC6mTkH7

    Score
    10/10
    originbotnetkeyloggerrattrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks