General
Target: 8b5376bda7dabd5355e17ed2d29a76b466f5197841a35568276c843e332835b4.exe
Size: 651KB
Sample: 240603-pqlqksfg79
MD5: 461a238903404999e36835284a2eaaf7
SHA1: d8a050750f7fdc5038d4164c8f7d247d2cecf7a9
SHA256: 8b5376bda7dabd5355e17ed2d29a76b466f5197841a35568276c843e332835b4
SHA512: dbacc9234a74ac470839a6668899a6725c915d4ffb4c9fa27208d18cf35798bc6edef056a99e9500131257bb1d37a2cc280c9fabd409f55900f8db602368f586
SSDEEP: 12288:eiETpbqSE35/ohUxyWC5c5+C4PE4Y5tq1czVGZaIrKiHbts3/1MkR:WbqSE3JYwkm5+CmEjGlNrKc5M/F
Static task: static1
Behavioral task: behavioral1
Sample: 8b5376bda7dabd5355e17ed2d29a76b466f5197841a35568276c843e332835b4.exe
Resource: win7-20240220-en
Malware Config
Extracted
formbook
4.1
cn26
Targets
Target: 8b5376bda7dabd5355e17ed2d29a76b466f5197841a35568276c843e332835b4.exe
Formbook payload
Suspicious use of SetThreadContext