General
-
Target
loader.exe
-
Size
17.6MB
-
Sample
240102-tae1bahagq
-
MD5
3232a00b6b167bee1e1c7c746e295967
-
SHA1
3b3ed50193a3094947cad30de1bbef9fbba1a4de
-
SHA256
956a268fd0f7a131c0a4a738f815aea3cbddfdc3961607baff3ed881efe4843d
-
SHA512
464f1269f7aba14875c03841c8ddbae67291d8e24deb3061d6e3238837a1daffa2d28323126debc38c851b0481d3a740299c35b20f6c1d12fbad0e74d37341e7
-
SSDEEP
393216:qqPnLFXlreQpDOETgsvfGFwSgNyvEzETlLtq:/PLFXNeQoEu2LApY
Behavioral task
behavioral1
Sample
loader.exe
Resource
win10-20231215-en
Behavioral task
behavioral2
Sample
loader.exe
Resource
win10v2004-20231222-en
Behavioral task
behavioral3
Sample
loader.exe
Resource
win11-20231215-en
Behavioral task
behavioral4
Sample
main.pyc
Resource
win10-20231215-en
Behavioral task
behavioral5
Sample
main.pyc
Resource
win10v2004-20231215-en
Behavioral task
behavioral6
Sample
main.pyc
Resource
win11-20231215-en
Malware Config
Targets
-
-
Target
loader.exe
Score 7/10
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
-
-
Target
main.pyc
-
Size
7KB
-
MD5
bf3aae7ae48bfea005e6b8b45c6e46b1
-
SHA1
6f73ec91450e96868cd29b80d62a5fd917ecbad3
-
SHA256
1ebffcbd4407050927d8505b87a8b37016aaa02ee151c250bc2ff71231a99409
-
SHA512
86531a4e085add134ce8257def39f3a99dfe8a6a4775de3ce38fbc845b41cce6965d591a7fd85438936ba4e9ebbbf9d16e4637d49194ee75bee5c59b78259cb9
-
SSDEEP
192:wKUuc6BnD8OGXWdXwpP7+5fAcJhwlrhirMdwbnw:7USL8WuF+fD2lrhsPbw
Score 3/10