Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
logged+(2).exe
-
Size
68.8MB
-
Sample
240823-r3t9lasfkr
-
MD5
131a0331ce53f9e6a759f58bd721a8ae
-
SHA1
792abb2103c475a799a1bf50ab23fc2f047e4a0d
-
SHA256
1776b224ac32cc73773edf950cf7cb07203b4ca966d08f18c7025c5c6d267074
-
SHA512
113d649f49d1297562ddd8d8caec6bc23d4a8ffc9ad7055130e805bc1e7ec26462f64a872d64edbbfd50c9b9189f6fd2915e7ff83ab551d6e8caccb12a426d69
-
SSDEEP
1572864:jWcgp8eLX5WJoWbgWRSgkNOXWxtQSNLiIc3yxpzWSmaZrQEC:jlgOYX5M3gbcKCmc3gWlaZrb
Behavioral task
behavioral1
Sample
logged+(2).exe
Resource
win11-20240802-en
Malware Config
Targets
-
-
Target
logged+(2).exe
-
Size
68.8MB
-
MD5
131a0331ce53f9e6a759f58bd721a8ae
-
SHA1
792abb2103c475a799a1bf50ab23fc2f047e4a0d
-
SHA256
1776b224ac32cc73773edf950cf7cb07203b4ca966d08f18c7025c5c6d267074
-
SHA512
113d649f49d1297562ddd8d8caec6bc23d4a8ffc9ad7055130e805bc1e7ec26462f64a872d64edbbfd50c9b9189f6fd2915e7ff83ab551d6e8caccb12a426d69
-
SSDEEP
1572864:jWcgp8eLX5WJoWbgWRSgkNOXWxtQSNLiIc3yxpzWSmaZrQEC:jlgOYX5M3gbcKCmc3gWlaZrb
Score9/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-