General
Target: 34209690923c54f64cd3620bbbd0616f6c3e9efd145008276b46cca1843e4830
Size: 252KB
Sample: 240217-hbdm4acb41
MD5: 5b3ab15e5cfbfbecf28251b6bbd0504b
SHA1: 8e99a2fd487f37f2c3e332de3330ec37dd3738ff
SHA256: 34209690923c54f64cd3620bbbd0616f6c3e9efd145008276b46cca1843e4830
SHA512: 78f332edcbbf143aa4f53036b1b4102f10e093c7df3461bd741b8b0716d6c1626e34763b2303c861ed849a6ddc940353090e36f9e466def082f52fdc3e6e683f
SSDEEP: 6144:8MXC28ZMeEnBzIj4iTNab1xfiNocxboyknb3i:XXC28SeEBkrab1xfiNbxonm
Static task: static1
Behavioral task: behavioral1
Sample: 34209690923c54f64cd3620bbbd0616f6c3e9efd145008276b46cca1843e4830.exe
Resource: win7-20231215-en
Malware Config
Extracted
stealc
http://185.172.128.79
url_path: /3cd2b41cbde8fc9c.php
Targets
Target: 34209690923c54f64cd3620bbbd0616f6c3e9efd145008276b46cca1843e4830
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.