General
Target: 096afd3c75d74a375c0a3ad1ee01e45f6f1e359c6e5e863549a1c06b14a15172
Size: 212KB
Sample: 240523-2hfktabe87
MD5: fda327c664c103717e91f85337575c31
SHA1: c1619d147447398502ded060cb22f5854e1ea002
SHA256: 096afd3c75d74a375c0a3ad1ee01e45f6f1e359c6e5e863549a1c06b14a15172
SHA512: 10d8e85ed00010563f05d0466799fa765bea3f35ce241d63e02e8e5405e6d09d6d5952bdeeae8795dc0c407f2ba28e3c804c1f168881321c60c2119a5b49a0a2
SSDEEP: 3072:FsaCAGbDtZxu9qaY2Z6+csFww5+SahDnTVbWU3tOZtOe117A0I33r3e:Lw5Lugj9u+SqhEnv16l3b
Static task: static1
Behavioral task: behavioral1
Sample: 096afd3c75d74a375c0a3ad1ee01e45f6f1e359c6e5e863549a1c06b14a15172.exe
Resource: win7-20240220-en
Malware Config
Extracted
stealc
default11
http://185.172.128.170
url_path: /7043a0c6a68d9c65.php
Targets
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.