Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1c9b3151a3b7d132fd511ccbae711490
-
Size
905KB
-
Sample
231230-z2mgcsccb4
-
MD5
1c9b3151a3b7d132fd511ccbae711490
-
SHA1
8a32224ea602478ee660a0f7ed829eba0ad1f8f7
-
SHA256
8d94157c8d223c29d1507a1ed3300a21eeccce8c8a49ccc05fc7c83a044517a5
-
SHA512
b44def743395997be043ca71610fe4fc8a3c2d8fc702610113cdc34acf9200fd1b57f34c8080934929fd3e7fda7c35c5cd9fa4e433b02ecf1ce07873330ac903
-
SSDEEP
24576:GU87rJKWS/d3dx+z/l+58h3UC9QhCwDCp0+/p/zKuRS:i7rADYl+5w3Q+eEbhS
Static task
static1
Behavioral task
behavioral1
Sample
1c9b3151a3b7d132fd511ccbae711490.exe
Resource
win7-20231215-en
Malware Config
Extracted
xloader
2.3
p2io
essentiallyourscandles.com
cleanxcare.com
bigplatesmallwallet.com
iotcloud.technology
dmgt4m2g8y2uh.net
malcorinmobiliaria.com
thriveglucose.com
fuhaitongxin.com
magetu.info
pyithuhluttaw.net
myfavbutik.com
xzklrhy.com
anewdistraction.com
mercuryaid.net
thesoulrevitalist.com
swayam-moj.com
liminaltechnology.com
lucytime.com
alfenas.info
carmelodesign.com
newmopeds.com
cyrilgraze.com
ruhexuangou.com
trendbold.com
centergolosinas.com
leonardocarrillo.com
advancedaccessapplications.com
aideliveryrobot.com
defenestration.world
zgcbw.net
shopihy.com
3cheer.com
untylservice.com
totally-seo.com
cmannouncements.com
tpcgzwlpyggm.mobi
hfjxhs.com
balloon-artists.com
vectoroutlines.com
boogerstv.com
procircleacademy.com
tricqr.com
hazard-protection.com
buylocalclub.info
m678.xyz
hiddenwholesale.com
ololmychartlogin.com
redudiban.com
brunoecatarina.com
69-1hn7uc.net
zmzcrossrt.xyz
dreamcashbuyers.com
yunlimall.com
jonathan-mandt.com
painhut.com
pandemisorgugirisi-tr.com
sonderbach.net
kce0728com.net
austinpavingcompany.com
biztekno.com
rodriggi.com
micheldrake.com
foxwaybrasil.com
a3i7ufz4pt3.net
adultpeace.com
Targets
-
-
Target
1c9b3151a3b7d132fd511ccbae711490
-
Size
905KB
-
MD5
1c9b3151a3b7d132fd511ccbae711490
-
SHA1
8a32224ea602478ee660a0f7ed829eba0ad1f8f7
-
SHA256
8d94157c8d223c29d1507a1ed3300a21eeccce8c8a49ccc05fc7c83a044517a5
-
SHA512
b44def743395997be043ca71610fe4fc8a3c2d8fc702610113cdc34acf9200fd1b57f34c8080934929fd3e7fda7c35c5cd9fa4e433b02ecf1ce07873330ac903
-
SSDEEP
24576:GU87rJKWS/d3dx+z/l+58h3UC9QhCwDCp0+/p/zKuRS:i7rADYl+5w3Q+eEbhS
-
CustAttr .NET packer
Detects CustAttr .NET packer in memory.
-
Xloader payload
-
Suspicious use of SetThreadContext
-