General
Target: d068a6d76dec4793e1c7e67d849485fec2eac4d1da91b48426c31d7b2b172b48
Size: 1021KB
Sample: 240811-px6dkazdmm
MD5: a63aa4427cbc2b463642def398f2d217
SHA1: 49c3c7d4fea7f7abdf148e33b3470ce1bc23ecc5
SHA256: d068a6d76dec4793e1c7e67d849485fec2eac4d1da91b48426c31d7b2b172b48
SHA512: 4fedbe899a27f0c9c34a8c4cced85c68148dab9b605e24787b4552429ab6d1091bc78f8599ca0ca43acd18c6d74fe94830ed4303f24bf9ffe99b0cf9fec6a198
SSDEEP: 24576:rhEQaXb3UlbHCxOBHyP1OL7LDMf0f7GSbTmTMs1eC:u9TUBHCxOxyP03LDG0jGSmTnd
Static task: static1
Behavioral task: behavioral1
Sample: d068a6d76dec4793e1c7e67d849485fec2eac4d1da91b48426c31d7b2b172b48.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
lumma
Extracted
lumma
https://enthusiandsi.shop/api
https://tenntysjuxmz.shop/api
Targets
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Loads dropped DLL
Enumerates processes with tasklist
Suspicious use of SetThreadContext