General
-
Target
fba5ceee28251849d9109dc3d0a84207f71983d378786b1c0f0f4b5d38371e33
-
Size
291KB
-
Sample
240506-3ak11afh4t
-
MD5
3e01cb189e45b879160a062a59e0f60f
-
SHA1
2a6749ab5fbbcf9c172bfc6600dd901f9c04564f
-
SHA256
fba5ceee28251849d9109dc3d0a84207f71983d378786b1c0f0f4b5d38371e33
-
SHA512
303f9cdd354ddfb04498d0ea7150d339c7ce27a4489fa6be0906064bc0932495cdd582ccf24ace0ea51176427c709c452ef9591f6622e95deefbc3cef2481e44
-
SSDEEP
3072:RMylKW1Ll4NBgIeTa7b/Ylz1q5WE/wAC/E5PUiLi:RMylKCl4NjeTS8lz1JE/wAC0f
Static task
static1
Behavioral task
behavioral1
Sample
fba5ceee28251849d9109dc3d0a84207f71983d378786b1c0f0f4b5d38371e33.exe
Resource
win7-20240221-en
Malware Config
Extracted
stealc
http://185.172.128.151
-
url_path
/7043a0c6a68d9c65.php
Targets
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.