General
Target: 919bd7c5bd519ea81d757569fb0a340042d7b7071b9e4a2a2bb63c14a2beb171
Size: 205KB
Sample: 240105-y1mkashggm
MD5: 58f22f4769e590f572304d26eaa637b0
SHA1: fdfa6b1c9aa2ac4890bf0fb38f55e8471eb08ea6
SHA256: 919bd7c5bd519ea81d757569fb0a340042d7b7071b9e4a2a2bb63c14a2beb171
SHA512: 96987f86087a002b141e0eb42764e320553e10c3833a0af252ab5f71567b88d0eb957dbc3254c3ac99d9887a114ce7ef90857ca646c24f041eecf373b7233a53
SSDEEP: 3072:BnsLgAjV2MaqD2Yp/cdDoWEMRsleoEBgOlErQ34Kx78dSfL:BsL32+pkIleoEBbErQoD
Static task: static1
Behavioral task: behavioral1
Sample: 919bd7c5bd519ea81d757569fb0a340042d7b7071b9e4a2a2bb63c14a2beb171.exe
Resource: win7-20231215-en
Malware Config
Extracted
stealc
http://185.172.128.79
url_path: /3886d2276f6914c4.php
Targets
Target: 919bd7c5bd519ea81d757569fb0a340042d7b7071b9e4a2a2bb63c14a2beb171
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.