General
-
Target
8f6a80db2b88528afd90d1bd38860a69573d0127b069983ef89e46c495c57543
-
Size
6.3MB
-
Sample
240906-hsv9gasdqk
-
MD5
0857e05e60f7043cc225770fbfbd9813
-
SHA1
ea62c4e5470df8d3703fe2c345aecd5692b51a56
-
SHA256
8f6a80db2b88528afd90d1bd38860a69573d0127b069983ef89e46c495c57543
-
SHA512
fe7c9abc314e286265f4aec24a1919a06c30cb53b447eaf69f34dd9281d816c06228019643163e9224cc1a399d4bb2683225ac6e47ad41fa0b3126473713f369
-
SSDEEP
98304:tel2olgN65W+VDoKTM5NLrN8AA5mW5qV6+1AKBtWxNHXw:tel2jmDo+MbvGbxW6+e0tCRXw
Static task
static1
Behavioral task
behavioral1
Sample
8f6a80db2b88528afd90d1bd38860a69573d0127b069983ef89e46c495c57543.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral2
Sample
8f6a80db2b88528afd90d1bd38860a69573d0127b069983ef89e46c495c57543.exe
Resource
win11-20240802-en
Malware Config
Extracted
cryptbot
analforeverlovyu.top
sevtv17ht.top
-
url_path
/v1/upload.php
Targets
-
-
Target
8f6a80db2b88528afd90d1bd38860a69573d0127b069983ef89e46c495c57543
Score
10/10
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-