Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
67c1c756bf985b3c0f4f3fb7ff90d010N.exe
-
Size
1.8MB
-
Sample
240722-f3rb6a1brp
-
MD5
67c1c756bf985b3c0f4f3fb7ff90d010
-
SHA1
e0ddac56e4551455a1c3c663a122deefcda79ad0
-
SHA256
4ea61deb03187f0a209f9d79245298155b8ba276876b8efc323390fbaf5ba7eb
-
SHA512
d5124be6cbbdfeb5fd3c711f996cb3873df287cad13a93710543ad937cb03aa2c8ce18b9d0811f5de6236aaff3117f5570d3ed62fab2bec73c77afb85dd406f2
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkFfkeMlNIZbElhzBXeCnfJCwCc4MAKFpMlyapbhcy9:Lz071uv4BPMkFfdgIZohteLM0hj9dNvf
Malware Config
Targets
-
-
Target
67c1c756bf985b3c0f4f3fb7ff90d010N.exe
-
Size
1.8MB
-
MD5
67c1c756bf985b3c0f4f3fb7ff90d010
-
SHA1
e0ddac56e4551455a1c3c663a122deefcda79ad0
-
SHA256
4ea61deb03187f0a209f9d79245298155b8ba276876b8efc323390fbaf5ba7eb
-
SHA512
d5124be6cbbdfeb5fd3c711f996cb3873df287cad13a93710543ad937cb03aa2c8ce18b9d0811f5de6236aaff3117f5570d3ed62fab2bec73c77afb85dd406f2
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkFfkeMlNIZbElhzBXeCnfJCwCc4MAKFpMlyapbhcy9:Lz071uv4BPMkFfdgIZohteLM0hj9dNvf
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-