General
Target: 9a3f94d8853f20963184f34cf75ecc08678ff43ec7ba524e54c1825d42d9f7d7
Size: 249KB
Sample: 240607-azamcaee51
MD5: 89ef597ad4066073fc1adfdd7e2487e8
SHA1: 053d0deee8a5a4ed5bac4e0e7a643ddbeee94084
SHA256: 9a3f94d8853f20963184f34cf75ecc08678ff43ec7ba524e54c1825d42d9f7d7
SHA512: f48aaced3771f780e145d20e977b4aa8d2be8227c52a6b7f2e65b126d806d7ba619288572fc381ab38077081ba48f501b2b4a9e85e34f109d7a454f5b74ca78c
SSDEEP: 3072:ZiNo04Zd5/Dj53rOxGMWw2jzr5K+LWorYHLWorYO/IYE:ZijifnspWTfPL10HL10QE
Static task
static1
Behavioral task
behavioral1
Sample: 9a3f94d8853f20963184f34cf75ecc08678ff43ec7ba524e54c1825d42d9f7d7.exe
Resource: win7-20240221-en
Malware Config
Extracted
stealc
default12
http://185.172.128.170
url_path: /7043a0c6a68d9c65.php
Targets
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.