Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    dd36a21b3f11b6142a898ce80d046abf5f8e0b62fa112957db619c865272ce20.exe

  • Size

    134KB

  • Sample

    240719-v5xz2swbla

  • MD5

    7f723f9e10de5dd1ce6d4e6bde89abe4

  • SHA1

    555e9af7d45b4436709150c474c28908225132f5

  • SHA256

    dd36a21b3f11b6142a898ce80d046abf5f8e0b62fa112957db619c865272ce20

  • SHA512

    ccce6e52dca4c11a8de88118b92b477c4f12f035557d6fe132d95e663d67721c76999cff688baeb349e494bfc89d49d636d8ff25207ed1c232f3b2f68508bb7e

  • SSDEEP

    3072:/kHnTc+neY+r6MVpHQhIB2E+kgaJysLTVm1AYUb:/kHTi3US/

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

mu94

Decoy

thenextamendment.net

automatiza.xyz

psikologhazelgungor.com

90857.net

robertoblondetrealtor.site

rv0awy.rest

74657.ooo

adigidea.com

world-healing.online

health4world.com

shyan.fun

anviltotable.com

vinger.online

juizltd.com

twmk.asia

cakescrushbyruby.com

listxtreme.com

00050026.xyz

finessedesignhouse.com

jsmm-27.xyz

Targets

    • Target

      dd36a21b3f11b6142a898ce80d046abf5f8e0b62fa112957db619c865272ce20.exe

    • Size

      134KB

    • MD5

      7f723f9e10de5dd1ce6d4e6bde89abe4

    • SHA1

      555e9af7d45b4436709150c474c28908225132f5

    • SHA256

      dd36a21b3f11b6142a898ce80d046abf5f8e0b62fa112957db619c865272ce20

    • SHA512

      ccce6e52dca4c11a8de88118b92b477c4f12f035557d6fe132d95e663d67721c76999cff688baeb349e494bfc89d49d636d8ff25207ed1c232f3b2f68508bb7e

    • SSDEEP

      3072:/kHnTc+neY+r6MVpHQhIB2E+kgaJysLTVm1AYUb:/kHTi3US/

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

    • Formbook payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks