Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
NightmareX.exe
-
Size
17.0MB
-
Sample
240214-nqpa2ahb7z
-
MD5
ab93e3e0039732fcc4b0a55a49bb3d56
-
SHA1
a27f39f8e7055fc958fd5cc6c6aa633906574326
-
SHA256
711250d86c4623d612735a26b2bdace3266a0570cfd63417c2ecf029714fed40
-
SHA512
49afcdfb90ffa8023e6ff6de48140a4602dc4a80b272a98c7dffa08b406e027e9ef060a19ff34b5b05eaaae7443b78962161fb8610049c11d3d58c3bca54dcdd
-
SSDEEP
98304:QH7oxLH9NH1oryvcIEvjPGw8qPLxPnI6sklXxEpHIbxckJY17DUC0td7wN:QH7WLdIrqc1viwzLxvdfRJqDUCEG
Static task
static1
Behavioral task
behavioral1
Sample
NightmareX.exe
Resource
win7-20231215-en
Malware Config
Targets
-
-
Target
NightmareX.exe
-
Size
17.0MB
-
MD5
ab93e3e0039732fcc4b0a55a49bb3d56
-
SHA1
a27f39f8e7055fc958fd5cc6c6aa633906574326
-
SHA256
711250d86c4623d612735a26b2bdace3266a0570cfd63417c2ecf029714fed40
-
SHA512
49afcdfb90ffa8023e6ff6de48140a4602dc4a80b272a98c7dffa08b406e027e9ef060a19ff34b5b05eaaae7443b78962161fb8610049c11d3d58c3bca54dcdd
-
SSDEEP
98304:QH7oxLH9NH1oryvcIEvjPGw8qPLxPnI6sklXxEpHIbxckJY17DUC0td7wN:QH7WLdIrqc1viwzLxvdfRJqDUCEG
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-