Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

aabea69c87...45.exe

windows7-x64

10

aabea69c87...45.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aabea69c871804b4cb254cc1c068a200a891629fd0672752503f3c76cacff845

  • Size

    2.0MB

  • Sample

    240306-2mv63acb7t

  • MD5

    351d4a590606411abd7de625cd8a62c1

  • SHA1

    1faaec3befe697771d546d302b975493b432b7a0

  • SHA256

    aabea69c871804b4cb254cc1c068a200a891629fd0672752503f3c76cacff845

  • SHA512

    eda3f0a3e31ba211687d7a014f617e19a83ba52e16ae639b1e0c8c97a5ce8a90531a1bb76c95124fd25bbbef97e01f3695f8d46af17189ea9894f16c22c5f268

  • SSDEEP

    49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StVEnmcvQvEh:BemTLkNdfE0pZrwP

Score
10/10
kpotxmrigminerstealertrojanupx

Malware Config

Targets

    • Target

      aabea69c871804b4cb254cc1c068a200a891629fd0672752503f3c76cacff845

    • Size

      2.0MB

    • MD5

      351d4a590606411abd7de625cd8a62c1

    • SHA1

      1faaec3befe697771d546d302b975493b432b7a0

    • SHA256

      aabea69c871804b4cb254cc1c068a200a891629fd0672752503f3c76cacff845

    • SHA512

      eda3f0a3e31ba211687d7a014f617e19a83ba52e16ae639b1e0c8c97a5ce8a90531a1bb76c95124fd25bbbef97e01f3695f8d46af17189ea9894f16c22c5f268

    • SSDEEP

      49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StVEnmcvQvEh:BemTLkNdfE0pZrwP

    Score
    10/10
    kpotxmrigminerstealertrojanupx

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • UPX dump on OEP (original entry point)

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks