General
Target: popepe.zip
Size: 30.2MB
Sample: 240701-qlqdmstemc
MD5: c667e8fb82f2e7a4f0590f2448f50a5f
SHA1: a8e1900cadefe6f297880ceec1a9c0caf4e5fb14
SHA256: 460e89b89994f0279284eb1ddb2badf66a7d05abcfe13cf1f2674deb3f08dfa6
SHA512: 0f272c08114cfb0fe666ada799c857bac8ddd7788207424efdc24eb00395621ebaa2d6e42f91e7ea3c5ac552d6890db9dfb87e0cf2593b1ec553f33523ca8b5c
SSDEEP: 786432:ATe/Wuc3sXxDLjPnF6JvZm9HQ9p2IkkTTsBAnz5uhaJP/1Jo21:pxcCDl+vZv9YBkToy1uhaF/jo21
Static task: static1
Behavioral task: behavioral1
Sample: popepe.zip
Resource: win10-20240404-en
Behavioral task: behavioral2
Sample: niplnk.rar
Resource: win10-20240611-en
Malware Config
Targets
Target: popepe.zip
Size: 30.2MB
MD5: c667e8fb82f2e7a4f0590f2448f50a5f
SHA1: a8e1900cadefe6f297880ceec1a9c0caf4e5fb14
SHA256: 460e89b89994f0279284eb1ddb2badf66a7d05abcfe13cf1f2674deb3f08dfa6
SHA512: 0f272c08114cfb0fe666ada799c857bac8ddd7788207424efdc24eb00395621ebaa2d6e42f91e7ea3c5ac552d6890db9dfb87e0cf2593b1ec553f33523ca8b5c
SSDEEP: 786432:ATe/Wuc3sXxDLjPnF6JvZm9HQ9p2IkkTTsBAnz5uhaJP/1Jo21:pxcCDl+vZv9YBkToy1uhaF/jo21
- Downloads MZ/PE file
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext
Target: niplnk.rar
Size: 30.2MB
MD5: 6d0dd8a949147d97b2204c8bac2110ca
SHA1: 734eee92faec856a56f7e9f3c5add0019770be54
SHA256: da2dff46917501495e53a05ece965a25d2e4b70d120346caec19a7789a1e196f
SHA512: ee82c006e92f717a4d014bf9c559f51c41e5f471634f56a3e943c5c5b427739e2d4966bfeb718367bb6928ca2fc4c4b0af661b11423dd983cae63c49a9828374
SSDEEP: 786432:VTe/Wuc3sXxDLjPnF6JvZm9HQ9p2IkkTTsBAnz5uhaJP/1Jo25:kxcCDl+vZv9YBkToy1uhaF/jo25
Score: 3/10