General
Target: 4d55a8b9a8067c097e185c42c481fc46481941dc109464b2c6c9c78a96c6f35aN
Size: 49KB
Sample: 240930-ndqckascjp
MD5: 015cade3249c7fb0c9d2a6da37c82e40
SHA1: 29d692c71b2cb4ba392a662ede41f18d68e926b8
SHA256: 4d55a8b9a8067c097e185c42c481fc46481941dc109464b2c6c9c78a96c6f35a
SHA512: c899cf2216d0121b8d3176eebff70302ca20f3e2f50176f7bfbd9b62d267141781d00c3c61d53b520a3f9819a248fd2c47d7a7cdb56e8a361d9553af292809b9
SSDEEP: 768:EmWuGBEn+ezyhX28QgUtGdj2bZjT9YTg9rSaRjn5FnUMew30T6eUE4uWZ/1H510m:EBe+ayhX20JMZqk9rS8H7302eUEKT5
Static task
static1
Behavioral task
behavioral1
Sample
4d55a8b9a8067c097e185c42c481fc46481941dc109464b2c6c9c78a96c6f35aN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4d55a8b9a8067c097e185c42c481fc46481941dc109464b2c6c9c78a96c6f35aN.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory