General
Target: 2cb5b2678054dd2f1b93d37a96b927830c4a7da699f061adee370807088257de
Size: 3.7MB
Sample: 231114-jy1xkshc8t
MD5: f353a6519b5c64d48f798d91e5235848
SHA1: b39fccbe042023d3385cd35eec8d418c700a73f1
SHA256: 2cb5b2678054dd2f1b93d37a96b927830c4a7da699f061adee370807088257de
SHA512: f6e1c173544b3e898d3f31fd2213e741d1df8857b775c8fb37868f2f4349e37a00a7b3185e1daeb4371757d87c68377a8df7a8411e0aec48552765b52ab9f5f8
SSDEEP: 49152:AzkFjR9Z9e5LSe70IVHxtWXq9/Z8UZMPq3/hBfcW:hMYgZHH+qEUW4BfcW
Static task: static1
Behavioral task: behavioral1
Sample: 2cb5b2678054dd2f1b93d37a96b927830c4a7da699f061adee370807088257de.exe
Resource: win10-20231020-en
Malware Config
Extracted
privateloader
185.216.70.235
194.49.94.113
91.92.243.151
Targets
Target: 2cb5b2678054dd2f1b93d37a96b927830c4a7da699f061adee370807088257de
Score: 10/10

PrivateLoader
PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

Loads dropped DLL

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext