Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

TankX.exe

windows7-x64

7

TankX.exe

windows10-2004-x64

8

,|��yX�.pyc

windows7-x64

,|��yX�.pyc

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    TankX.exe

  • Size

    6.1MB

  • Sample

    240423-y82zysbf34

  • MD5

    a06f37fd4828eb3b3140c50cb0638a36

  • SHA1

    0fe30a4ca469b973d1b61d5dee7610e106f817da

  • SHA256

    417dd4be4d5947568b30abfb4f2a8d1a303da739ff6f15461525359b9b6b7d76

  • SHA512

    ea9a883db61ec4d7c29114dc387e1732ee37565e4a99cca868018c52b2a08ca23e73651380dc2d3066dbfdcdbe9bad13e5525f5083ceb72ad049090e87a6631e

  • SSDEEP

    98304:Zr0wRhEtdFByZNhamaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RRBMMK3SUq:Zr0wuFMZ+eN/FJMIDJf0gsAGK4RRuMKq

Score
10/10
blankgrabberspywarestealerupx

Malware Config

Targets

    • Target

      TankX.exe

    • Size

      6.1MB

    • MD5

      a06f37fd4828eb3b3140c50cb0638a36

    • SHA1

      0fe30a4ca469b973d1b61d5dee7610e106f817da

    • SHA256

      417dd4be4d5947568b30abfb4f2a8d1a303da739ff6f15461525359b9b6b7d76

    • SHA512

      ea9a883db61ec4d7c29114dc387e1732ee37565e4a99cca868018c52b2a08ca23e73651380dc2d3066dbfdcdbe9bad13e5525f5083ceb72ad049090e87a6631e

    • SSDEEP

      98304:Zr0wRhEtdFByZNhamaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RRBMMK3SUq:Zr0wuFMZ+eN/FJMIDJf0gsAGK4RRuMKq

    Score
    8/10
    upxspywarestealer

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

    • Target

      ,|��yX�.pyc

    • Size

      857B

    • MD5

      e172a03818b783829f0cae9bb458df9f

    • SHA1

      d9a283f4f4499e205386c136c3433b01e81f9ec7

    • SHA256

      d66d58f40c7e737109e1e870233fb1178ee8c45037d8ea7021f654525c6eb87d

    • SHA512

      c036ea70966f35390548492c6d3730fd8c8fedfdd6bc41bb96fd9cfd6d6bfc12d4176da077c9f167efe64cbfa2220e062cd2d7dfa46035f8ff1f0e64560a2bd3

    Score
    1/10
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks