General
Target: Built.exe
Size: 8.1MB
Sample: 240703-jyqfvaxgmn
MD5: 63ce56e8cceba3d9cfbc9e51bc2096d8
SHA1: 7b508d8debf737bbfe26b8887e966b54f9704a8b
SHA256: 06fb10b1d4598007ec5dbae65545070cf9a7a9ae47bf7e3e879c60fb3456498f
SHA512: 10ff5614139b6b5fe66b271c8dc1297b5eafea3a0c34ac330b5992b34be3f8baf62651546535fcba108a59b733c8ed1a9a221c2c7d37fcb8ce064fac5ed37dc5
SSDEEP: 196608:ayIyqu9VqurErvI9pWjgfPvzm6VsIQnFDE14AU:DIyZsurEUWjC3zDKnp04AU
Static task: static1
Behavioral task: behavioral1
Sample: Built.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.