General
Target: @#LATEST_SoftWare_2024_PASSCODE_$.rar
Size: 51.5MB
Sample: 240429-l8wfysge5s
MD5: c7c3d6aaa70594d6df0b8f3f40a7e2f6
SHA1: 74f4da75221222f336009025a358366eaf6c1d68
SHA256: 979e872622b1ae7ca6e9cb3599de8e400b3bfe537d3cb64261dffaa7956baa50
SHA512: c23ea4a4c280a529e798a89525fa14b02156d18e8029edb93920dcc1144d1346eb5ff18ebbc80caf55ab391205d7fa0b19d5dab1e029db523648e4b26f7af0b1
SSDEEP: 786432:dMPQ7x53FKvsZTMlKxppk7c8joaJ6eWd7Gt9BZjQZfDG3q9PhUwuMr+NegCHR:dMP+/3F6StAoalWd7wOFawVRj
Static task: static1
Behavioral task: behavioral1
Sample: @#LATEST_SoftWare_2024_PASSCODE_$.rar
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: @#LATEST_SoftWare_2024_PASSCODE_$.rar
Resource: win10-20240404-en
Behavioral task: behavioral3
Sample: @#LATEST_SoftWare_2024_PASSCODE_$.rar
Resource: win10v2004-20240419-en
Behavioral task: behavioral4
Sample: @#LATEST_SoftWare_2024_PASSCODE_$.rar
Resource: win11-20240419-en
Malware Config
Extracted
vidar
04eb8f77b9c9e4d5a6a6e5a3b727c27e
https://graims.xyz
https://steamcommunity.com/profiles/76561199677575543
https://t.me/snsb82
profile_id_v2: 04eb8f77b9c9e4d5a6a6e5a3b727c27e
user_agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) AppleWebKit/534.6 (KHTML, like Gecko) Chrome/8.0.500.0 Safari/534.6
Targets
Target: @#LATEST_SoftWare_2024_PASSCODE_$.rar
Score: 10/10
Detect Vidar Stealer
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext