General
Target: Quotation.exe
Size: 696KB
Sample: 240604-g8wz9sgb3y
MD5: 1701c039722e0ba1cc8876b22bc371f7
SHA1: 4b0827c74ec83a5c5db429d36d095d3f7d14d8a5
SHA256: 5f811c57872e95387829dbd3addf6e27bbf3bcbcc388354ea19d41ed1b5bd8de
SHA512: baa1cb4fea71fea989998b40c7fc61df73e967d3eae4af3000143a51bd195659b1295c9573a2ce4b7f1bf7810907305dd5e2826dd3fad887b7103546c224d5ce
SSDEEP: 12288:u7kpO8mUKNr+uf5Z3g7Gj1/TTwYmbHNbAHUkZJ1bfQ+Ruf0MTGLjcTb:G82Cuf5ZQ7GjpTTwAJhQ+RFeZ
Static task: static1
Behavioral task: behavioral1
Sample: Quotation.exe
Resource: win7-20240508-en
Malware Config
Extracted
formbook
4.1
mw62
Targets
-
-
Target
Quotation.exe
-
Formbook payload
-
Deletes itself
-
Suspicious use of SetThreadContext
-