General
-
Target
am.exe
-
Size
4.2MB
-
Sample
240519-s6vj7sde86
-
MD5
dee06456c2cd6367c77d6e665cb292f9
-
SHA1
33d6677f1e04ab6656b839f354819b249e300787
-
SHA256
bc5e1a99ef6ace27c7fe4db351f1b09de2d6c7f3dffc9231786786da71191623
-
SHA512
636e3f72ed4fc97daacc6c048eccff6b1da14784ce712d9639b89420004f7c88a015cefc24c2f27e2f7c0f493b369a44697bc872a43247aeca4aac92d96096e4
-
SSDEEP
98304:ul6bFlph/8dv6dVdm+wHFx4xSbaAbPVkFtncgy9E0alyttaM3ML:uAbRp8dv6dVdmDHFCS++VkFt2aonM
Static task
static1
Behavioral task
behavioral1
Sample
am.exe
Resource
win7-20240221-en
Malware Config
Extracted
amadey
4.20
523758
http://theclientisalwaysright.com
-
install_dir
b108e33186
-
install_file
Dctooux.exe
-
strings_key
3a99ddd4614527af7e2e996425319c4a
-
url_paths
/8BvxwQdec3/index.php
Targets
-
Target
am.exe
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Suspicious use of SetThreadContext
-