General

  • Target

    45458cb19216ce36f2c0391b90bd0e35a74583d0bdfd5a2e48e9e1d625cceba3.exe

  • Size

    2.0MB

  • Sample

    240821-l8nfcaweqp

  • MD5

    d4f9d1afe2b5bf3633642526c01625d2

  • SHA1

    f553184ae1cf84c9d12ae7ea8262e1cec6442577

  • SHA256

    45458cb19216ce36f2c0391b90bd0e35a74583d0bdfd5a2e48e9e1d625cceba3

  • SHA512

    dcb89b0095fd7ab16ecfd3e4d43d1d6358e612fda3fbdc1cc1dd8d49c69fe60759c20b5f28ec758a6a577626b796f4e2ee66aa7e1f01cfc008c0af6cf52b5c82

  • SSDEEP

    49152:Be7O00O0FTsQTv1YcXKpRaV6NL4ZlEhLHSjqKoe:U7j0OWVTdYcfV6NL4ZlEpyjqKoe

Malware Config

Targets

    • Target

      45458cb19216ce36f2c0391b90bd0e35a74583d0bdfd5a2e48e9e1d625cceba3.exe

    • PureLog Stealer

      PureLog Stealer is an infostealer written in C#.

    • PureLog Stealer payload

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Loads dropped DLL

    • Accesses Microsoft Outlook profiles

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks
