General
Target: f05f66909f30cb421f36707aaa7c5700b5fb33a5b2f3efe7ac3d78675a5540b1
Size: 208KB
Sample: 240524-cld4qahf2s
MD5: 4ebca625b4417c345a08125da5633938
SHA1: 839ecbb46e623b3d0b829579e96c216b41af2dc3
SHA256: f05f66909f30cb421f36707aaa7c5700b5fb33a5b2f3efe7ac3d78675a5540b1
SHA512: 03eb6cb478e584e6618b5bc5b32135dd01bdc1214f8325d97148db688a32ea03f3e9e2b3e41d4876dd4617479cf03f725521c7ef4a2c9d3a50fd3ac4f47db84b
SSDEEP: 3072:Db+7Qr3z+trZesbNMST4nkFaSYrRYN5rPKE+agR5C:3Jj+rZd5Mw4koSYrRYzRdg
Static task
static1
Behavioral task
behavioral1
Sample
f05f66909f30cb421f36707aaa7c5700b5fb33a5b2f3efe7ac3d78675a5540b1.exe
Resource
win7-20240508-en
Malware Config
Extracted
stealc
default11
http://185.172.128.170
url_path: /7043a0c6a68d9c65.php
Targets
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.