General
Target: main.exe
Size: 11.7MB
Sample: 231224-z8yg7segaq
MD5: 4b493a0327eea41a468ec32685eeba25
SHA1: 036bcbf9e1d777c68962ce3e6ff24fbe4acb03d6
SHA256: 82322372016b1c70f411ad0835fccf2a2a4cc10d34ec62dc52c0ae216ced4158
SHA512: c8efae56ada521327b80c09a9cbf84604886ba999904c48d2e0318278e4a60357834f7ec2b3b41189dc85024101c7d7e5b6d713b151d75571bf4fc4b38ca9d8c
SSDEEP: 196608:+rD4RGdMjEznvLjv+bhqNVoB6Ck5c7GpNlI41J2mJLVk9ntlRbvOXiWCU0:hUdMjOjL+9qz86Ck+7q3D1Jq1bmXiWCU
Behavioral task: behavioral1
Sample: main.exe
Resource: win7-20231215-en
Malware Config
Targets
- Drops startup file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.