General
Target: Particle.exe
Size: 18.4MB
Sample: 231207-vvpkxsea99
MD5: 5034635dbc641bc6af5cf3f950eb4ca0
SHA1: 480ed67e33136f6a7bf329b1b0df6717f958a072
SHA256: e199cd8a6297d6846f6e2a5a3e8e2450c3c6a9138ab18dc098a34a16bb107bb2
SHA512: f54c72f27af038beb00be4395158fec30973893b6a00e4e822cc29ee01df07148c1180fa94d56902288c1f75fdf205dcd5e2841da5151ea4fea789523fa29fc3
SSDEEP: 393216:+qPnLFXlrPYgQpDOETgs77fGWg/fxs82vEmiQVFFL2:zPLFXNPRQoE7tafukEVFJ
Behavioral task: behavioral1
Sample: Particle.exe
Resource: win10v2004-20231127-en
Malware Config
Targets
Target: Particle.exe
Score: 7/10
Loads dropped DLL
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.