Resubmissions

30/10/2023, 01:18

231030-bn3z7abh46 10

30/10/2023, 01:16

231030-bm8t2sab2t 10

General

  • Target

    Popai_Loader.exe

  • Size

    15.2MB

  • Sample

    231030-bm8t2sab2t

  • MD5

    e9eab90c8b4ffb4b91b403c4796f4269

  • SHA1

    903e8fbb42a70ef9d94f9d5ad407e10dae3952bc

  • SHA256

    b80406cbedbf330a5c5658b775d39947ae3c3ef50758589972b8c1a37cbc95ce

  • SHA512

    648f07cac6b85f40def8a4715aba76c1c4a0ff62b400cf0e181d97a7a9521e120697b7bb79bd41a74e969c0c0194dc8f28a134f60e7cd139c9d47452cf161866

  • SSDEEP

    393216:SiIE7YoPQqTxdQuslSq99oWOv+9qDg7F0357aw:77rPQuxdQuSDorvSf7FE77

Malware Config

Targets

    • Target

      Popai_Loader.exe

    Score
    7/10
    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive account information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
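To show how the behaviour signatures listed above can be reproduced from endpoint telemetry, here is an added example (not tria.ge's own detection or scoring logic) that tags constructed file, image-load and DNS events for the same five behaviours and sums them into a score. The event schema, the path patterns, the IP-lookup hostnames and the weights are assumptions chosen for this demo; the report's 7/10 is not reproduced.

```python
"""Tag constructed endpoint events for the infostealer behaviours in the report.

Added example; not tria.ge code. Event format (one dict per event with a
'kind' field), path patterns, hostnames and weights are assumptions.
"""
import re
from typing import Iterable

# Path fragments checked case-insensitively against file events (assumed).
BROWSER_PROFILE_PATTERNS = [
    r"\\google\\chrome\\user data\\[^\\]+\\(login data|local state|cookies|web data)$",
    r"\\microsoft\\edge\\user data\\[^\\]+\\(login data|local state|cookies|web data)$",
    r"\\mozilla\\firefox\\profiles\\[^\\]+\\(logins\.json|key4\.db|cookies\.sqlite)$",
]
WALLET_PATTERNS = [
    r"\\appdata\\roaming\\(exodus|electrum|atomic|ethereum)\\",
    r"\\appdata\\roaming\\bitcoin\\wallet\.dat$",
]
STARTUP_PATTERNS = [
    r"\\microsoft\\windows\\start menu\\programs\\startup\\[^\\]+$",
]
# Legitimate public IP-lookup services often queried by stealers (assumed list).
IP_LOOKUP_HOSTS = {"api.ipify.org", "ip-api.com", "ipinfo.io", "icanhazip.com", "ifconfig.me"}

# Illustrative weights; the sandbox's own scale is not known from the report.
WEIGHTS = {
    "browser_profile_read": 3,
    "crypto_wallet_access": 3,
    "external_ip_lookup": 1,
    "startup_drop": 1,
    "loads_dropped_dll": 1,
}


def _matches(path: str, patterns) -> bool:
    lowered = path.lower()
    return any(re.search(pat, lowered) for pat in patterns)


def classify_event(event: dict) -> set:
    """Return the stateless signature tags a single event triggers."""
    tags = set()
    kind = event.get("kind")
    if kind == "file_read":
        if _matches(event["path"], BROWSER_PROFILE_PATTERNS):
            tags.add("browser_profile_read")
        if _matches(event["path"], WALLET_PATTERNS):
            tags.add("crypto_wallet_access")
    elif kind == "file_create":
        if _matches(event["path"], STARTUP_PATTERNS):
            tags.add("startup_drop")
    elif kind == "dns_query":
        if event["query"].lower().rstrip(".") in IP_LOOKUP_HOSTS:
            tags.add("external_ip_lookup")
    return tags


def score_events(events: Iterable[dict]) -> dict:
    """Tag every event, correlate DLL loads with earlier drops, and sum weights.

    'loads_dropped_dll' needs state: a DLL counts as dropped if any earlier
    file_create event (any process) wrote the same path.
    """
    created = set()
    tags = set()
    for ev in events:
        tags |= classify_event(ev)
        path = ev.get("path", "").lower()
        if ev.get("kind") == "file_create":
            created.add(path)
        elif ev.get("kind") == "image_load" and path.endswith(".dll") and path in created:
            tags.add("loads_dropped_dll")
    score = min(10, sum(WEIGHTS[t] for t in tags))
    return {"score": score, "tags": sorted(tags)}


# Constructed telemetry for the demo; not captured from the real sample.
SAMPLE_EVENTS = [
    {"kind": "file_create", "pid": 4120, "path": r"C:\Users\victim\AppData\Local\Temp\helper.dll"},
    {"kind": "image_load", "pid": 4120, "path": r"C:\Users\victim\AppData\Local\Temp\helper.dll"},
    {"kind": "file_read", "pid": 4120, "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"kind": "file_read", "pid": 4120, "path": r"C:\Users\victim\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
    {"kind": "dns_query", "pid": 4120, "query": "api.ipify.org"},
    {"kind": "file_create", "pid": 4120, "path": r"C:\Users\victim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\updater.exe"},
    {"kind": "file_read", "pid": 4120, "path": r"C:\Windows\System32\kernel32.dll"},  # benign noise
]

if __name__ == "__main__":
    print(score_events(SAMPLE_EVENTS))
```

Each tag is counted once regardless of how many events trigger it, which is why the benign kernel32.dll read and repeated profile reads do not inflate the score; the "loads dropped DLL" tag is the only one that needs cross-event state, so it lives in `score_events` rather than `classify_event`.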

MITRE ATT&CK Enterprise v15

Tasks