General
-
Target
ca20476eab92bfb30bbd6b7ad2961010.exe
-
Size
228KB
-
Sample
240516-s1x35sbd21
-
MD5
ca20476eab92bfb30bbd6b7ad2961010
-
SHA1
549e27826585706b0a3fbd5ca62fe9cf94360242
-
SHA256
5913b56762d3253e0d9cefdd62f311f2a1a902f643b4c4cdb0220d1a38a3dbf9
-
SHA512
1355f0da04dbc5fe79c122793a6ffa720dfb932d07910fb1dc2a728751fb2e4636439c03016f2a9276f838133fd98768a7b6ee086c553d78b75d57c8c7ddd350
-
SSDEEP
6144:wB5Q/aqNI6aZg0RMrKB0uEdRj4pHLKd1k6cw:kDZgCMrk0u1Q
Static task
static1
Behavioral task
behavioral1
Sample
ca20476eab92bfb30bbd6b7ad2961010.exe
Resource
win7-20240508-en
Malware Config
Extracted
stealc
default11
http://185.172.128.170
-
url_path
/7043a0c6a68d9c65.php
Targets
-
-
Target
ca20476eab92bfb30bbd6b7ad2961010.exe
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-