General
-
Target
3daaa20ac455b9586113cba234ae3153.exe
-
Size
681KB
-
Sample
240101-yj29esgfer
-
MD5
3daaa20ac455b9586113cba234ae3153
-
SHA1
d2972fb3c632473eb22f353755e0f31f999532b7
-
SHA256
3864b3a157ece572eabb6d56e50d577d0993fc7150bb5046e26e4fdc6bdf3c76
-
SHA512
9ab0101d42f3b17f7d9f9cc3d7c80167604cc29a309cb374afc47592d25bd054e5c10df52839c10e9b432dd09bea0ed90a6b16b4282c2183d7e845316ace9771
-
SSDEEP
6144:HBYFJLgGVFjvC+w7Mp5zmeEyK1mlfu7oVMGMLQwNFRKs0ZnnsCJaIUSSLyFpVI:6vVBpnAIutGMnNFR90DaIkepI
Static task
static1
Behavioral task
behavioral1
Sample
3daaa20ac455b9586113cba234ae3153.exe
Resource
win7-20231215-en
Malware Config
Extracted
formbook
4.1
crg3
Targets
-
-
Target
3daaa20ac455b9586113cba234ae3153.exe
-
Formbook payload
-
Suspicious use of SetThreadContext
-