General
-
Target
d015aabe92f1a3208a3e0b6ebaf85a3def932a24fb133bb7c051dc3768af4810
-
Size
254KB
-
Sample
240603-gw3bhsfd77
-
MD5
0a1857343ebdb2c191d872e444fad837
-
SHA1
975c4cf503b6322faecbf739db0dba5172819203
-
SHA256
d015aabe92f1a3208a3e0b6ebaf85a3def932a24fb133bb7c051dc3768af4810
-
SHA512
70416729fb19cda79acfd969ce19de0953edd26caf8db20d12e576aa26b97b37a9cb09862562e88d87a77bdd6ef19977a70fe8edfa92ad35e61725b896a9468b
-
SSDEEP
3072:WPdL6Xit6oa0QyUOtowQauVw8MhvcM4CT5AqUQZ5XH3A7H3A4/IVE:CdL6Xi0/0loI78MhkM5yqUQ73Az3AHE
Static task
static1
Behavioral task
behavioral1
Sample
d015aabe92f1a3208a3e0b6ebaf85a3def932a24fb133bb7c051dc3768af4810.exe
Resource
win7-20240508-en
Malware Config
Extracted
stealc
default12
http://185.172.128.170
-
url_path
/7043a0c6a68d9c65.php
Targets
-
-
Target
d015aabe92f1a3208a3e0b6ebaf85a3def932a24fb133bb7c051dc3768af4810
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-