General
- Target: 99acb2fe9bb5edfd4c6fe26a21deb78e.bin
- Size: 15.8MB
- Sample: 231229-chsgyacacl
- MD5: 99acb2fe9bb5edfd4c6fe26a21deb78e
- SHA1: b459619e16196d0c9b51dee1ee907f5b03c0701e
- SHA256: 29864c1ad3d7b31fea238ca3c74d35d6f6c67f96dff1b0dd3545f20516ca0f11
- SHA512: 182b208f5a96fdae4b288d49962f02baff577f0b623ae21cacacf837a3ad7a10c8b514abd8cf94b83697e1246b6876fb9d11e24e8c143c79fbb6563ffeb2c43f
- SSDEEP: 393216:3iIE7Yo9+4urntpUTLfhJsW+eGQRe9jo7BGcZm3/q66WCD6:M7r9+RTHUTLJSW+e5Re9MlVD6
Behavioral task: behavioral1
Sample: 99acb2fe9bb5edfd4c6fe26a21deb78e.exe
Resource: win7-20231215-en
Malware Config
Targets
- Target: 99acb2fe9bb5edfd4c6fe26a21deb78e.bin
- Drops startup file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.