Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
9e9a3a7e99404a3cc4346a18c74dce915fc6ece9b3960c420fc5685700a7d869
-
Size
217KB
-
Sample
240509-p8mqladf39
-
MD5
864b3093abf07e6127452d5ea8b1fa2f
-
SHA1
c2c7303b78aa77bcb577d04d5ad25b9b29dbfcd4
-
SHA256
9e9a3a7e99404a3cc4346a18c74dce915fc6ece9b3960c420fc5685700a7d869
-
SHA512
866c97c3c8f2367b0d7215924eb4b54744759e9c4094997ba7ed2b5e58dcc91aa2cd3009b0afea2be936b19a4e862ffbe80f2f3232a2fde5e987e8bd70f9162c
-
SSDEEP
3072:dVQr/HQkiW1wf1geHTE2jyPAsnApKS9Wm5O5wfeO:Ty/HQYsg3T9nApOm5c
Static task
static1
Behavioral task
behavioral1
Sample
9e9a3a7e99404a3cc4346a18c74dce915fc6ece9b3960c420fc5685700a7d869.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
stealc
http://185.172.128.151
-
url_path
/7043a0c6a68d9c65.php
Targets
-
-
Target
9e9a3a7e99404a3cc4346a18c74dce915fc6ece9b3960c420fc5685700a7d869
-
Size
217KB
-
MD5
864b3093abf07e6127452d5ea8b1fa2f
-
SHA1
c2c7303b78aa77bcb577d04d5ad25b9b29dbfcd4
-
SHA256
9e9a3a7e99404a3cc4346a18c74dce915fc6ece9b3960c420fc5685700a7d869
-
SHA512
866c97c3c8f2367b0d7215924eb4b54744759e9c4094997ba7ed2b5e58dcc91aa2cd3009b0afea2be936b19a4e862ffbe80f2f3232a2fde5e987e8bd70f9162c
-
SSDEEP
3072:dVQr/HQkiW1wf1geHTE2jyPAsnApKS9Wm5O5wfeO:Ty/HQYsg3T9nApOm5c
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-