General
Target: fc78e8de8a0ef72dba38b06c7f884087a37db530035976a88a230fe0c683c4cc.exe
Size: 306KB
Sample: 240430-kxgyragf58
MD5: 80b6ab6a94be9f1cc5326fb7eafe8bc1
SHA1: 177176a6d021829b3c9c5f4c56bd1818e49c7843
SHA256: fc78e8de8a0ef72dba38b06c7f884087a37db530035976a88a230fe0c683c4cc
SHA512: 4838e8a2288dd343a6c4594096a0241ba843f0960f5e3c223bb14c3767672131a2326f2f60cbb0d6e1100ae8c7dfe2b9e26bd2eea2e7cfcab3707686d88a58d7
SSDEEP: 3072:S5OGVnqRp2PCl0kRv+nbLkOvqDbDEKEJTsTc+ZlRVpRmHEzGI7IMNU:OmIPCLwHSvQJmhpRyEy8NU
Static task
static1
Behavioral task
behavioral1
Sample
fc78e8de8a0ef72dba38b06c7f884087a37db530035976a88a230fe0c683c4cc.exe
Resource
win7-20240221-en
Malware Config
Extracted
stealc
http://185.172.128.150
url_path: /c698e1bc8a2f5e6d.php
Targets
-
-
Target
fc78e8de8a0ef72dba38b06c7f884087a37db530035976a88a230fe0c683c4cc.exe
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-