General
Target: builded.exe
Size: 16.3MB
Sample: 240608-rjs77acd2y
MD5: 936fe0891a1c8d90b443317f7d893870
SHA1: d7927c28f7c9279b5420c399bce948f9c274fc96
SHA256: 1bc8b335b0a1af5b0ecbf39f20946041219c551c7dc367ec6e4eb4e87107bc97
SHA512: 5c5698146016ede0e1a14080ec960a867f7be425a4bd25051f9a905d33e85c582ab3acbd641e70c4b9943b9b9ecb46e56ecb2d754ed2fb8c38bfa4437b71789b
SSDEEP: 393216:HEkcqYFJWQsUcR4NzK1+TtIiFvY9Z8D8Ccl6lnBEUPKS75:HkDFYQFS1QtI6a8DZcIlBkSF
Behavioral task behavioral1: Sample builded.exe; Resource win7-20240220-en
Behavioral task behavioral2: Sample builded.exe; Resource win10v2004-20240508-en
Behavioral task behavioral3: Sample build.pyc; Resource win7-20240220-en
Behavioral task behavioral4: Sample build.pyc; Resource win10v2004-20240426-en
Malware Config
Targets
Target: builded.exe
Size: 16.3MB
- Drops startup file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Target: build.pyc
Size: 64KB
MD5: 40c03899b664e90df6e9c2db8bd3471a
SHA1: 395b49a0410a25a5d09870b6f394ebb3a9a62b7f
SHA256: f82d7ed28482ec77cb92635fe90a70959394a4cc6fa29d0fac5d0e3c062b9455
SHA512: 2b678035641d0661d74d893746d6e0a5a99987ca60666c7500f755f2b59793b2ae3477f02726a35d4d803ca25b8ffb5903d85f28095366b04e7785b5da949cc9
SSDEEP: 1536:7CrQqe+0Ql9pObo8BHWftlx7HFHOW98VgeOR2eP:7CrYbo8B2VlxTVHMgeORH
Score: 3/10