General
-
Target
osint.exe
-
Size
8.6MB
-
Sample
240705-tdmvbstdqd
-
MD5
3818e1b208a5e2b87e33605401d51bf7
-
SHA1
fb6654fef194c15fde955384288c5fe26652d4c7
-
SHA256
c1da27820a0d014e035568229fd2fcf60d0b55f09082a3a31d8c1f2ef244a48a
-
SHA512
a39e5a6c6573dfc3134f9b0dff01b3617f0b626bd7a3873888f73c32674e0d87d9d4a9a7eded4ff6e08e6e1714ea580aa7b12a44ffeef79014e044cd1f6b90bd
-
SSDEEP
196608:qnp//E8pA1HeT39Iigw7vKub75bcjWgb66e7GJzfoAkj2zWlRYW:f8C1+TtIiF7vB5IjWq66eCzmSW
Behavioral task
behavioral1
Sample
osint.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-