General
Target: 02b89444a1d633c44e1e9e54e3fdd1b0
Size: 945KB
Sample: 231229-yzmtnshhhp
MD5: 02b89444a1d633c44e1e9e54e3fdd1b0
SHA1: 6d560a1c41457fa9c88d5d218ea4a9ae670fbedd
SHA256: 52b0438a43977e210e58786f139697a9007854f624d8901c891a9af69b87667f
SHA512: 1521d912a90f74e46a6428eb4ee6bdf7561ff05260b9243a34e724b9be1424bec2f7c78ea527097a3d75f349e5afa485bc9aeb159d6186e1f621e462eacda5f7
SSDEEP: 12288:qxDc9F3nC0Py3gAhSEJbjJEK1+E5Gl6twEtG5FhVvjRrry8rXcuzDD8qfv:6J5Gl6HE5FhhjRvy8Zdv
Static task
static1
Behavioral task
behavioral1
Sample
02b89444a1d633c44e1e9e54e3fdd1b0.exe
Resource
win7-20231215-en
Malware Config
Extracted
xloader
2.3
earz
Targets
-
-
Target
02b89444a1d633c44e1e9e54e3fdd1b0
-
Xloader payload
-
Suspicious use of SetThreadContext
-