General
Target: Installer.zip
Size: 15.4MB
Sample: 240704-xndk7atdpm
MD5: 84f9509d4d4c3689db698ee622daca3d
SHA1: f3291f7f48060f7add3a67b61fff2cfb7f9e2c1c
SHA256: 85dac40d1f4110209bf105eea8d2ff1d5a6ff8693d1cc368c6fad42cf15942da
SHA512: cb4790e40677099525be1c3e0f9a72a9c1c58fbf6a5320bf5ea135a2619347884377242338b7fdde5c838a7ed1dda263e8b724115e5cab6166486b7250c2a95b
SSDEEP: 393216:XcA9WL8GW/qjRjjT0qT3YNyNYZz7FDklJNO16YyM6XzeaFl85hB+yGG:XZ9dGWApTSzZP6l/O1yTFlufiG
Static task: static1
Behavioral task: behavioral1
Sample: Installer/Installer.exe
Resource: win7-20240221-en
Malware Config
Extracted
lumma
https://stationacutwo.shop/api
Targets
Target: Installer/Installer.exe
Size: 627KB
MD5: fb34d2867b0e9b76b7397308d06a1f99
SHA1: 8f78602c6f94e37d411e2d93f609fc4d83fc6e7c
SHA256: 3552f5481c4c102368def25f8836b823ff99f709637c1f4c2df05006d7bbe68e
SHA512: d3f99a78b93dba8d60f1ec2e5b60038a24ed9dccf9cf212e2d7e54cdcf5a240be418443efe7d6b6fe5550ff351bfc60076f6422c3f6746ffb0992c440ec2df1a
SSDEEP: 12288:xSjzAHddkL4iiO2xqC+JuQDZMRRG5DUvYEOhIwC59VETELZ5rW2steZxSAQMirjE:xSjzA9dBD2I
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext