General
Target: FivemAE.exe
Size: 16.5MB
Sample: 240203-2g5hjsdhfr
MD5: d00c2f0b3ffce86e496b8d9be28a41c1
SHA1: 4a56414bee960e79203cc437fea4a59c51da7d19
SHA256: 14c0e92d72fb2a6afcba06f88bca846d13e78e418661a4203045f52d497a2578
SHA512: 9b3024bff2793175640e9c175c10ace4d8d9b0d85d6e15e0d39aabbb16675bdd1f4de21e39ed9eb14bc3b714ece27b147294ce3693319edd0760e98a4ecc4b4c
SSDEEP: 393216:fh9S2nnx8qGCPaL+9qzTSCk+7q301JE1bbKXiWCUI:Z9Dnx3M+9q/4301gHFVUI
Malware Config
Targets
Target: FivemAE.exe
- Drops startup file
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.