General

  • Target

    8184b0741a74e43c47b279576be598c75df5ed3a4a3baae779e88b0b416df13b

  • Size

    14.0MB

  • Sample

    231225-yfqq8aega3

  • MD5

    90874b7a45493c8912976fa1e4080875

  • SHA1

    ce2a1766071e670f657fa65f590fdd53366849b8

  • SHA256

    8184b0741a74e43c47b279576be598c75df5ed3a4a3baae779e88b0b416df13b

  • SHA512

    e58942e278e370e227f3da81298f312ea93bb8b451bdd74b1da61f779ec90ee19a502646c54a1a0c013025693d91a222c2231b4d4f4fc32bafc1ad50ed018bef

  • SSDEEP

    393216:hiIE7Yo9+4u+nwW+eGQRJ9jo7BGzgQh3/D66WCo6:O7r9+RywW+e5RJ9M4HVo6

Targets

    Score: 7/10

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
