General
Target: iniciar.exe
Size: 17.7MB
Sample: 231208-dfvpysgh34
MD5: 4d62aa04d981f3b2a9c5ac9347237fb6
SHA1: 4cf9c540d6efcaa196c7f7de51214024ff5dbf45
SHA256: c6b5cab4d6ce48999f03b19d08a9abe66e9e2beafd6d7c62ca48cb61139ad661
SHA512: 7f05ecee33544fcb33c7009299c0490cfa6057bdcd3b6d9ea8f365c88ea0babea31ffd6d6f1e0083262648d76769f94736659ec819e4d0a1987d0111f7341f5b
SSDEEP: 393216:SqPnLFXlrVgQpDOETgsvfGzHgz2vEtrZaLSq:XPLFXN6QoEkWPnoj
Behavioral task: behavioral1
Sample: iniciar.exe
Resource: win11-20231129-en
Malware Config
Targets
Target: iniciar.exe
Score: 7/10
Loads dropped DLL
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service. Uses a legitimate IP lookup service to find the infected system's external IP.