General
- Target: 48a4712ae782ae16698b8a85c74dcb790e610c5a31c746319fb1d30e0e3c6096
- Size: 512KB
- Sample: 240707-kykq2ayaqk
- MD5: 383dc98d03038d2374701a5bfa5d8c0a
- SHA1: e7fb6995ef4ea1b28f9527c96321452ac59686e1
- SHA256: 48a4712ae782ae16698b8a85c74dcb790e610c5a31c746319fb1d30e0e3c6096
- SHA512: b846e728ec92a77af8b2a822c970646170951254dbd9ec5332191dc7d4b1fd15708e4850912049a772e4af1992fe2658ae3af49a377fb2172eb588fe8c6baff2
- SSDEEP: 12288:6oZruugE3QDpUibhyJMu5ZkffXdBssjWCxj+x:6oZCugEA9rS5Z8fXdjWN
Static task: static1
Behavioral task: behavioral1
Sample: 48a4712ae782ae16698b8a85c74dcb790e610c5a31c746319fb1d30e0e3c6096.exe
Resource: win10v2004-20240704-en
Malware Config
Extracted
lumma
https://benchillppwo.shop/api
Targets
- Target: 48a4712ae782ae16698b8a85c74dcb790e610c5a31c746319fb1d30e0e3c6096
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext