Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1b652800024590656654fceba385c2113d3be8c6fdefb2751657ec45c5fa82dc
-
Size
566KB
-
Sample
231106-q18tjabe2t
-
MD5
d72bf664f772e823c569ffce19acabc4
-
SHA1
429a8e7d1427f81ea9781138118209fb77bb4f17
-
SHA256
1b652800024590656654fceba385c2113d3be8c6fdefb2751657ec45c5fa82dc
-
SHA512
6ff655873c739ce25d0a8499ab057c44c98ef20acfca5f56539e20dc1bec7cfbecfa4d1cd4ffcdd942d18fb49a5b7f689e0af05e777fd9686cf774e38fa6e6d6
-
SSDEEP
12288:SUQPnB6gl4xRetxhjXQNHJlMgQhJ4mazhcGoZE0vTPxbYU9G:/qnMnxRCVQ1MgQhJ4mOyGo2ETPJc
Static task
static1
Behavioral task
behavioral1
Sample
Receipt copy_06_11_2023.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
Receipt copy_06_11_2023.exe
Resource
win10v2004-20231020-en
Malware Config
Extracted
lokibot
http://305.ebnsina.top/_errorpages/305/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
Receipt copy_06_11_2023.exe
-
Size
632KB
-
MD5
ef1672f5eca7537099892961b0d50e84
-
SHA1
c9a4fcf743e49c6d73f85804115ebbc1e653c726
-
SHA256
3f143e73dca2b93182b5871b4df93dad4c5def58dc4b1f0d7c7cfdbd47d39c88
-
SHA512
a5c694556f2ad9a08262594ee7476fb94c1bb381ebe92d98761fe60a8f07d91aa958a9c61ccaf3579df77266f0007f6f40043f9a9e4cee3e101d231029458ef9
-
SSDEEP
12288:UCWjtn/6O9xReXx5j5Q7pJxM0QfTJ2B24j4X9hBkxmkXa7BemEpWCm:UVhnSO9xRyrQdM0QfTJ2BOtrkgkXa7B/
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-