General
Target: tears.exe
Size: 21.2MB
Sample: 240418-3fr2haaa48
MD5: ae2e6da7a291d399ccefc04c09d8cd25
SHA1: 3ded1c30fdbb0ed75bdcf0e838902ee3b45bf4c7
SHA256: d1e70155a0fe1b2fa003997448f63f865fc9b3a6b3071ba91e09ce39fee7d5ba
SHA512: 022db4407ee324b2b8a997f717fa4fee647596d5c683bf4dfbbf2647069565242de4d8d4a1ffb058295be401e58d5c1b99112cb67f60febe289cbfd6185bfbd1
SSDEEP: 393216:YEkQ5S5AWfq4vgP8AxYD/1+TtIiF5Y9Z8D8Ccl6lmdadC02VaHtflkQgKZ:YeaAWfvbXr1QtIQa8DZcIlwadfqzFKZ
Behavioral task: behavioral1
Sample: tears.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: tears.exe
Resource: win10v2004-20240412-en

Behavioral task: behavioral3
Sample: tears.pyc
Resource: win7-20240221-en

Behavioral task: behavioral4
Sample: tears.pyc
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: tears.exe
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Target: tears.pyc
Size: 61KB
MD5: 3a4927909a671a6792926fa5f3841c4e
SHA1: 28b517b8f63c2f2b5b4330724cb01a2abf1fe126
SHA256: 037769954da26da1a8b9ca91982471d84382be3608628e74bd6633717af8c6eb
SHA512: 7bdeb9fb0f11139d9a67c753a0ca322e857ce4f876ff2761aace2c5b2084d171d928493834387c2818dce12624c61f00fd849914c88f1112903222519c4713df
SSDEEP: 768:iANZ4t/Wpuem0hVCZvxzsGW/fYkLUG66/wpjxdJ+Fb4DT:iOJmDdC8aFoT
Score: 3/10