Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
35b5b0cc100e0ba95f366d6a3b427823.exe
-
Size
490KB
-
Sample
240102-tbzq4sbhc7
-
MD5
35b5b0cc100e0ba95f366d6a3b427823
-
SHA1
2845a8d906a0c93281c560de1e2e3d5a8ae2a546
-
SHA256
2db46ad5e0370f7f9762fd2ed5ca32e2bfcb7d78c56df7240cd4ff05889dd4d0
-
SHA512
29252fdfd992ec5d0d351d43bed65872f0a5637a1854fbe796aa37f9dfbba4e11d0ba2be8418c56a79a846100e96418c7ee7d8bc8ee1b489a5a8bd0ca073841d
-
SSDEEP
12288:CTPh8TlBsPJ78hCWS0ok+jhXWuz/qMvp5h93Yure:zl870
Static task
static1
Behavioral task
behavioral1
Sample
35b5b0cc100e0ba95f366d6a3b427823.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
35b5b0cc100e0ba95f366d6a3b427823.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
35b5b0cc100e0ba95f366d6a3b427823.exe
-
Size
490KB
-
MD5
35b5b0cc100e0ba95f366d6a3b427823
-
SHA1
2845a8d906a0c93281c560de1e2e3d5a8ae2a546
-
SHA256
2db46ad5e0370f7f9762fd2ed5ca32e2bfcb7d78c56df7240cd4ff05889dd4d0
-
SHA512
29252fdfd992ec5d0d351d43bed65872f0a5637a1854fbe796aa37f9dfbba4e11d0ba2be8418c56a79a846100e96418c7ee7d8bc8ee1b489a5a8bd0ca073841d
-
SSDEEP
12288:CTPh8TlBsPJ78hCWS0ok+jhXWuz/qMvp5h93Yure:zl870
Score10/10-
StormKitty payload
-
Drops desktop.ini file(s)
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Looks up geolocation information via web service
Uses a legitimate geolocation service to find the infected system's geolocation info.
-
Suspicious use of SetThreadContext
-