General
-
Target
a531cf5568b7ab1e70b269186601bedacd734851da989ac6d37771f1b0b87547
-
Size
370KB
-
Sample
240720-e5771swerj
-
MD5
0d0b2d2e8e757e66ae44a0e3aeed2512
-
SHA1
029d6b6dab4f3b33806fcdb8ec9b457e1c7d46f6
-
SHA256
a531cf5568b7ab1e70b269186601bedacd734851da989ac6d37771f1b0b87547
-
SHA512
023a413eddd057e2253b2e674329000b14423c23db78eb61ee91538e0a73beb3e58326bc85405762ad7cd2152d6158fb844b2b8003c9b635b46b039c0010bd4b
-
SSDEEP
6144:hTNLdeErsZ/lyvUpo9lq4PT3fbf0FIMPoB4ikVTRcv2oFDXTUbEpQqee:nLgErJ3L0F5C4px82rEp6e
Static task
static1
Behavioral task
behavioral1
Sample
a531cf5568b7ab1e70b269186601bedacd734851da989ac6d37771f1b0b87547.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
stealc
hnew
http://85.28.47.70
-
url_path
/570d5d5e8678366c.php
Targets
-
-
Target
a531cf5568b7ab1e70b269186601bedacd734851da989ac6d37771f1b0b87547
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-