General
-
Target
V10.2.exe
-
Size
14.0MB
-
Sample
240223-y1x12agd23
-
MD5
25226ff375bcf2c8f7de2184c1b3328e
-
SHA1
1039f77341c0b15829289946822875ac75ac9325
-
SHA256
e4d8b43b5663cd86e279ec85a3a2376601d18f3178f5904f45dd3c697555914c
-
SHA512
b6b974471a638859792fe756d796b76149fcaad6522b1a31de350fa1a56f9596ccd00fa41bdadcd0fd5de13b7c644dd7b62b222e600afda6e4f598381b7069cb
-
SSDEEP
393216:wmEkZgf8Xq1+TtIiFGvvB5IjWqn6eclz1dypX8Wj5+d:tRbXq1QtIZX3ILn6ec1yCe5+d
Malware Config
Targets
-
Target
V10.2.exe
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-