General
Target: 89e4b73817aa05f9f99ec762a1c622021a7bbf20dc854dc3988bd3a06f22437f
Size: 262KB
Sample: 231016-frdxpadh49
MD5: 164c9c81271b7c25d900b74e6eef8038
SHA1: 7ef43c27a32faae23f47f8c93c44ed065a558476
SHA256: 89e4b73817aa05f9f99ec762a1c622021a7bbf20dc854dc3988bd3a06f22437f
SHA512: 4c4f925aed36d0b4f09165c19744ec24feee78487af05615ec4615d900c83c0176c80abdf52a2e4771ab91ce201d00cb0db62811c870609cac5ea8f1ec243852
SSDEEP: 3072:fBNXO1mXe60TK2z9zmbBuV56Uclyp8Z/IuR9pwpbH2UN+SIZRnpCkXi:ZhX90e2z9zmbgVMWI/IuR9uJH/oSQlp
Static task
static1
Malware Config
Extracted
stealc
http://aidandylan.top
url_path: /3886d2276f6914c4.php
Targets
Target: 89e4b73817aa05f9f99ec762a1c622021a7bbf20dc854dc3988bd3a06f22437f
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.