Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

64c3c3a500...21.exe

windows7-x64

10

64c3c3a500...21.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    de042e38d84cf16252496d8330eacf1b.zip

  • Size

    471KB

  • Sample

    240901-samjqavaqf

  • MD5

    221b43458df7c70b32c9e98e938c7ff7

  • SHA1

    476c10697627ef5a46088285c30b0e8ddf669d0c

  • SHA256

    be76309eec12e3eada6dea02b6f08f4db9468953380bec1eddbf452889f083e8

  • SHA512

    f5b0cf4346280c532106b06ea85f5e6a52ffda6acc56f08859d1382a8a231367d36ac29f8fd074ff6f545f8e7c4a0eda3f3274e816616e04ca6e86834d958f0c

  • SSDEEP

    6144:2aBpav0OHPgVcGlJ5tNS+prVmnqP2y/F1PZ2nvM1bMeTdwBi4k27ecRhXrXhlk:lpNYPgCmJ5t/prkqcUNRyzT7h2

Score
10/10
xloaderfqiqdiscoveryloaderrat

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

fqiq

Decoy

driventow.com

ipatchwork.today

bolder.equipment

seal-brother.com

mountlaketerraceapartments.com

weeden.xyz

sanlifalan.com

athafood.com

isshinn1.com

creationslazzaroni.com

eclecticrenaissancewoman.com

satellitephonstore.com

cotchildcare.com

yamacorp.digital

ff4cuno43.xyz

quicksticks.community

govindfinance.com

farmersfirstseed.com

megacinema.club

tablescaperendezvous4two.com

Targets

    • Target

      64c3c3a5004d786f14ced03e295463bebaa1ab08c59b8287001c15aac69e3521

    • Size

      585KB

    • MD5

      de042e38d84cf16252496d8330eacf1b

    • SHA1

      cf808849aa0afbf36dbcd71a63499da2132f52d1

    • SHA256

      64c3c3a5004d786f14ced03e295463bebaa1ab08c59b8287001c15aac69e3521

    • SHA512

      1f6cf41e7706e7e6b717aaeb5c83bd0dfa74d2038cff02e146dc9d4718e398db67621e51e94287d5f320b9ea7a372fb2b31dafa81b0a86bdcc2033fd723da2a3

    • SSDEEP

      12288:ny3bU4N/HJRNwwC6dQ7HG+4FnjLlOhsxeHHV:0fJrPZQ7HGhBpOyxenV

    Score
    10/10
    xloaderfqiqdiscoveryloaderrat

    • Xloader

      Xloader is a rebranded version of Formbook malware.

      loaderxloader

    • Xloader payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.