C:\Users\attat\source\repos\Millenium RAT Buillder V2.8\Millenium\Millenium\obj\Release\net462\conhost.pdb
Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
db874ae685d2bc4235b1213ec9d43d327c8d2bd12300bb0d78c9ce0a84c828b2.exe
-
Size
5.6MB
-
MD5
731812403191b60503e017d88e23b1a3
-
SHA1
67e1c24ded75620181916dea9654eeddf4049525
-
SHA256
db874ae685d2bc4235b1213ec9d43d327c8d2bd12300bb0d78c9ce0a84c828b2
-
SHA512
1ae78e7d5e134d56ebbe9ec3e71bd7529aedbe5670a93b7728eca0aa482ac6688187884c5a61c2c8ef308acda555152d4d5cd2938d1cfa57303a8649803f01d5
-
SSDEEP
98304:nsl27OuKr+gvhf2U9Nzm31PMoslkqXf0FvUcwti78OqJ7TPBvc8X6UcR6m:nPOuK6mn9NzgMoYkSIvUcwti7TQlvciK
Score
10/10
Malware Config
Signatures
-
Detects binaries (Windows and macOS) referencing many web browsers. Observed in information stealers. 1 IoCs
-
Detects binaries and memory artifacts referencing sandbox DLLs typically observed in sandbox evasion 1 IoCs
-
Detects executables containing SQL queries to confidential data stores. Observed in infostealers 1 IoCs
-
Detects executables containing URLs to raw contents of a Github gist 1 IoCs
-
Detects executables containing possible sandbox analysis VM names 1 IoCs
-
Detects executables containing possible sandbox analysis VM usernames 1 IoCs
-
Detects executables manipulated with Fody 1 IoCs
-
Detects executables using Telegram Chat Bot 1 IoCs
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
db874ae685d2bc4235b1213ec9d43d327c8d2bd12300bb0d78c9ce0a84c828b2.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections