General
Target: 59ce4a41d5f4ba63019d17d4c0b1dd86edf3474964a02ba880fb9f6b282eee25
Size: 200KB
Sample: 231114-mhv8yabe3x
MD5: 1905872741b259eeb93921f7c2a77406
SHA1: 9cbe4954e82beaf8975e80f0279c9920e21ed67b
SHA256: 59ce4a41d5f4ba63019d17d4c0b1dd86edf3474964a02ba880fb9f6b282eee25
SHA512: 189dd959c9b4a1adf4a3b814df40fc04727ea11ca6221461193500971313ced3cc40020d6b80aaa417fafb98bbd68d0659ded85e0269390aa48aaf9d116baef9
SSDEEP: 3072:n1WLR78i+aQkICMOvTHRDdWWBQA5h5gKvVqR8MRaYvpU9K:ng+nBCMc7RDoWZ5fgF9E3
Static task
static1
Malware Config
Extracted
stealc
http://bernardofata.icu
-
url_path
/40d570f44e84a454.php
Targets
-
-
Target
59ce4a41d5f4ba63019d17d4c0b1dd86edf3474964a02ba880fb9f6b282eee25
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-