Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Creal.exe
-
Size
13.2MB
-
Sample
240105-qbhaaacfbk
-
MD5
bec3815764e313618da5a64890926a4b
-
SHA1
2cfc144aa32f51527493b5639da47646b656ef0b
-
SHA256
5c215f76ad1d1bee14572365b54bd43d3da825f2cc7aa8e90c2a76c865bcf731
-
SHA512
fb779e91786efd4ed9c6bd84cd38e2f4351ac1cad550fe7ad04734f9d9c0f26cb9f80222840369b14027689e04a5fedd99fbf1dd9572d9e79dab2426d811a94e
-
SSDEEP
393216:/XGD2nwW+eGQRIMTozGxu8C0ibfz6e57g1bmXiWCUI:/2DawW+e5R5oztZ026e5WFVUI
Malware Config
Targets
-
-
Target
Creal.exe
-
Size
13.2MB
-
MD5
bec3815764e313618da5a64890926a4b
-
SHA1
2cfc144aa32f51527493b5639da47646b656ef0b
-
SHA256
5c215f76ad1d1bee14572365b54bd43d3da825f2cc7aa8e90c2a76c865bcf731
-
SHA512
fb779e91786efd4ed9c6bd84cd38e2f4351ac1cad550fe7ad04734f9d9c0f26cb9f80222840369b14027689e04a5fedd99fbf1dd9572d9e79dab2426d811a94e
-
SSDEEP
393216:/XGD2nwW+eGQRIMTozGxu8C0ibfz6e57g1bmXiWCUI:/2DawW+e5R5oztZ026e5WFVUI
Score7/10-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-