Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

232-29-0x0...ry.exe

windows7-x64

232-29-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    232-29-0x0000000000400000-0x00000000004EC000-memory.dmp

  • Size

    944KB

  • Sample

    240724-ahrjjazeqf

  • MD5

    c3ef3cf5ae7fe31c2f61cb77df6c5104

  • SHA1

    5e6a00f3c756025224723f533951d8ee5920296a

  • SHA256

    f8949f48028c5bbec90f6549986418a2be1ec8d18501b0ee38855a73f01c83c2

  • SHA512

    5a04f7f5acc297d76f6efad569a753f727f950d00c25ce217a4da0279d54c611f5f2bd58a751bf34da9efc7be082f54e31cae96d365f8d6e9c1c6f9312fd3246

  • SSDEEP

    24576:tmkdueXjq0OQKc2YSEegpQRDLusJLK1lkuoLP:IkdueXjq0OQKc2YSEegpshk1lk

Score
10/10
quasarj4s0nツ

Malware Config

Extracted

Family

quasar

Version

2.8.0.1

Botnet

j4s0nツ

C2

191.96.79.79:5552

Mutex

k0xu0yaV18JcyOu4RW

Attributes
  • encryption_key

    dfDMgawnkTln5Mq1lzTq

  • install_name

    Venom.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Venom Client Startup

Targets

    • Target

      232-29-0x0000000000400000-0x00000000004EC000-memory.dmp

    • Size

      944KB

    • MD5

      c3ef3cf5ae7fe31c2f61cb77df6c5104

    • SHA1

      5e6a00f3c756025224723f533951d8ee5920296a

    • SHA256

      f8949f48028c5bbec90f6549986418a2be1ec8d18501b0ee38855a73f01c83c2

    • SHA512

      5a04f7f5acc297d76f6efad569a753f727f950d00c25ce217a4da0279d54c611f5f2bd58a751bf34da9efc7be082f54e31cae96d365f8d6e9c1c6f9312fd3246

    • SSDEEP

      24576:tmkdueXjq0OQKc2YSEegpQRDLusJLK1lkuoLP:IkdueXjq0OQKc2YSEegpshk1lk

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks