General

  • Target

    daun.exe

  • Size

    557KB

  • Sample

    240912-x4dk5azhkb

  • MD5

    b748b605cf8d9e3103701202143aa092

  • SHA1

    e49095644bb43f9c5ac524b5519e00526794b102

  • SHA256

    d663c78c257545297181ac761995c3b86ef3df23a267ae43a69c5b7788e927d5

  • SHA512

    6b7b28619c91913b7c9cc184678d1e208867a0a0acd20bcc5a99194f6bafbb9fdeedeaac39563cecd938f930214774b426a6603c35d459de4b354e0f201b866c

  • SSDEEP

    12288:qQBI/5nXN+xaet5bgH3bC6eXLTidCeE9MGyldojOO/YP973qSarS2yWvdXglczGH:qQBI/5nXiaGbgXbC68

Malware Config

Extracted

Family

phemedrone

C2

https://api.telegram.org/bot7324318844:AAG9Yvtou9WcrzMj25CcTjoC8Eu_d5OZKZ0/sendDocument

Targets

    • Phemedrone

      An information and wallet stealer written in C#.

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, a web browser credential store.

    • Loads dropped DLL

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
