General
Target: aa8284b2178aaf3f501da1e4c1485ba01c72d70466e8026ff425771168ef5982
Size: 221KB
Sample: 240516-3l24naef64
MD5: 3e60f960ca78e34a5a223279c54df092
SHA1: 9cc2c0926d659aaf00eff68be3c6cccc9f14e364
SHA256: aa8284b2178aaf3f501da1e4c1485ba01c72d70466e8026ff425771168ef5982
SHA512: 4463a76b64bab307381588f29e3eb4abc63aa9214f08d0ff84ae72473729cd6eb903e45126384aa86ba1eec64679eeea8eafd18456fb411dda3d655b96cd7f9a
SSDEEP: 3072:P1PHcIR8yJV1bnEoV+o37K/YsY0OKA++A8/CQZ84yG/4BTZV4M28qwtBCF:Pl1TVVrnQk+P8fi9BTrz+w
Static task: static1
Behavioral task: behavioral1
Sample: aa8284b2178aaf3f501da1e4c1485ba01c72d70466e8026ff425771168ef5982.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
stealc
default11
http://185.172.128.170
url_path: /7043a0c6a68d9c65.php
Targets
Target: aa8284b2178aaf3f501da1e4c1485ba01c72d70466e8026ff425771168ef5982
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.