General
Target: 6fe9a3470f0ac5c1d00d26e08a22579f
Size: 671KB
Sample: 231222-fvqewshadm
MD5: 6fe9a3470f0ac5c1d00d26e08a22579f
SHA1: a88181b197bda78c80718197e9e4337baa6b96d5
SHA256: a6fc3c2cd878129322903c09b84a057046b772e92e883b002714574fff834bde
SHA512: ecb0a597f5a60b8593ac82bbc6092cf65e3de71f2e4f9e48d2c446159d812f74a44a7ad6054b058901a165dae5b202296bedbc30e110af3d1e7403cbda563805
SSDEEP: 12288:YGcQNKL5XwINR3shZLJQ05nFwrvqHfp9y:/CRwUO/ddOTIfDy
Static task: static1
Behavioral task: behavioral1
Sample: 6fe9a3470f0ac5c1d00d26e08a22579f.exe
Resource: win7-20231215-en
Malware Config
Extracted
xloader
2.3
uytf
Targets
Target
6fe9a3470f0ac5c1d00d26e08a22579f
Xloader payload
Suspicious use of SetThreadContext