General
- Target: 68f7221674dbbb7621ce4d491bb7869344db5d91e9017601943e7b1e672b2d7b.exe
- Size: 2.6MB
- Sample: 240724-cewp7avelb
- MD5: 6159bd2beba187d99dad9e2a802fe8fd
- SHA1: bf1b92c2b6d41fb3ad17e3e658f0d86a8c07cc22
- SHA256: 68f7221674dbbb7621ce4d491bb7869344db5d91e9017601943e7b1e672b2d7b
- SHA512: 3a0f432fe9357833bb224ebfa5776f11fa8b0ef09fdf3610f73662c958944909057a7323576db7117197525b31bead2835f81671c93da4a69451b5b9e87bbb72
- SSDEEP: 49152:FPgIpTlcBsyifklUwVowI9dy5y5iEvBMfyWrmXPipqNW1rTz:FYIg0fOXVRI9dy5yQEvBMfyWrmXPiXrT
Behavioral task: behavioral1
- Sample: 68f7221674dbbb7621ce4d491bb7869344db5d91e9017601943e7b1e672b2d7b.exe
- Resource: win7-20240705-en

Behavioral task: behavioral2
- Sample: 68f7221674dbbb7621ce4d491bb7869344db5d91e9017601943e7b1e672b2d7b.exe
- Resource: win10v2004-20240709-en
Malware Config
Extracted
- Protocol: smtp
- Host: gator3220.hostgator.com
- Port: 587
- Username: [email protected]
- Password: ABBG_3!y7%@agIh
Targets
- Target: 68f7221674dbbb7621ce4d491bb7869344db5d91e9017601943e7b1e672b2d7b.exe (size and hashes as listed under General above)

Signatures
- PureLog Stealer payload
- Credentials from Password Stores: Credentials from Web Browsers
  - Malicious access or copy of web browser credential store.
- Accesses Microsoft Outlook profiles
- Looks up external IP address via web service
  - Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext