General
Target: Galaxy.exe
Size: 7.7MB
Sample: 240705-smq3nstakf
MD5: d038163a149238808c986b779c494985
SHA1: f678f3f3ce85a11ac0c0bdb66ab593ad8cbf71da
SHA256: 4e844485523880080b82ec2f377793b305842b7614d52c94196f854f8f18d2aa
SHA512: 439c8044954a009536a49eb035c7ab3e534f6f93cbc958885b8f980573ee961361e4773042454e32d8f318c0714bb6e2fddc9b827c05e33689f84b3270150645
SSDEEP: 98304:tOzHqdVfB2RRS27wpyuT/9vUIdD9C+z3zO917vOTh+ezDNhCSpXq49vmJ1nmOBNx:tOQs6bT/9bvLz3S1bA3zCSEpn97+0B
Behavioral task: behavioral1
Sample: Galaxy.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: Galaxy.exe
Resource: win10v2004-20240704-en
Malware Config
Targets
Target: Galaxy.exe
Drops file in Drivers directory
Executes dropped EXE
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
Hide Artifacts: Hidden Files and Directories