Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

X-Executor.exe

windows11-21h2-x64

7

Resubmissions

20/04/2024, 03:54

240420-egntgage8s 7

20/04/2024, 03:53

240420-efw4fsfg45 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    X-Executor.exe

  • Size

    16.9MB

  • Sample

    240420-egntgage8s

  • MD5

    a959fa6e789e7933b1c889299bbc2ee6

  • SHA1

    8d73e032c5f846dc8a634af1a9fb03267aeb5052

  • SHA256

    f0c86145705a442ae6dbf9ecd7dd8539c4630e4da8ea0ded8a2e27bfeb135046

  • SHA512

    7967f210c0d5cd3ed3f94cfa6641a23364afe80a721d0b636243a663f78035d3bb0ce8c2440623063bf9512e609c6f5fa7c32fc1ce590dba08841ccefc3b08d6

  • SSDEEP

    393216:XKc9WLFTh2Jp5qC3njkw2QaFqyYgs6FVXGYydNEbKDG:ac9QFTh50j2QR96dKyIG

Score
7/10
pyinstallerspywarestealerupx

Malware Config

Targets

    • Target

      X-Executor.exe

    • Size

      16.9MB

    • MD5

      a959fa6e789e7933b1c889299bbc2ee6

    • SHA1

      8d73e032c5f846dc8a634af1a9fb03267aeb5052

    • SHA256

      f0c86145705a442ae6dbf9ecd7dd8539c4630e4da8ea0ded8a2e27bfeb135046

    • SHA512

      7967f210c0d5cd3ed3f94cfa6641a23364afe80a721d0b636243a663f78035d3bb0ce8c2440623063bf9512e609c6f5fa7c32fc1ce590dba08841ccefc3b08d6

    • SSDEEP

      393216:XKc9WLFTh2Jp5qC3njkw2QaFqyYgs6FVXGYydNEbKDG:ac9QFTh50j2QR96dKyIG

    Score
    7/10
    spywarestealerupx

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks