General
Target: VaiGen.exe
Size: 81.1MB
Sample: 240219-x65sdsbe4t
MD5: 8e8ffd6bcdc46a77c3bfd4b0178e6990
SHA1: aa3430c29ac0a9ecd72c4f2a7b06ad5ada3e2c6b
SHA256: 53645c0d033d0cd7b48d39081a313f17cec9932f451553c0a12927d5df247279
SHA512: 1a89bc48d376bbf3f51c73df699bd9418fcc07a2b4bff401c37ffb9284fe0b28a8d36d98d7279577f44f474acd657dcb0c29b415579a8f807be64d23d3c1b778
SSDEEP: 1572864:LU6PU1e4iamkhLDyPlfQuZwnqf3Gd6xdnj+Y/5szPyE7KaZti6vWyHvZ5X:LU64e4iadhLDy9fVqnyo6V/M+avTvrvX
Behavioral task: behavioral1
Sample: VaiGen.exe
Resource: win10v2004-20231215-en
Behavioral task: behavioral2
Sample: out.exe
Resource: win10v2004-20231222-en
Malware Config
Targets
Target: VaiGen.exe
Score: 7/10
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Target: out.upx
Size: 320KB
MD5: 01b899f9e12d96191c0f60398c2d9194
SHA1: f827029abc19ba7b77ec4cc212daae38e23151da
SHA256: 26fd3e81648d5f4441974b7cd1753b8635c1251baa3a99437769915ae6ee94da
SHA512: b9e3db8b01be091d11675fcaefb1a8a93cbacf3fc1f5702689aa47460346b8cd86adef1fdcdaae61394def824a9a21034f19490030a5574263bea53cc8e6a313
SSDEEP: 6144:GkUpXKAKEgTbLBu73zikhQqWWUWirn30m5V0V3ZXtps:JMXK7EgTbNuj4Bdr3v5WVJdps
Score: 1/10