Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3b0c047848ecb06e0f64f72c4cf5e5dd4d41853d9f0129b7e50adb73601ae12dN
-
Size
64KB
-
Sample
241005-pwkqgaxgpf
-
MD5
62a133e86d98e46f3c7bc0e4a8808eb0
-
SHA1
5ad0f15fa7fc971e95eb08ad9ef8cbaddb3df6e0
-
SHA256
3b0c047848ecb06e0f64f72c4cf5e5dd4d41853d9f0129b7e50adb73601ae12d
-
SHA512
4831054b7d0cf3d5077c29c9a88b7128aba1080456ebfc435f2d627f24aa90f25ffac9101d438b905cbbdde084170665724185ea31a88fcce4be424340d3147f
-
SSDEEP
1536:J0KcE91bU7NL8dwzVI0aG8ZlHpvnjMnWyGrPFW2iwTbW:z1gudw3j8ZlJPjuXyFW2VTbW
Static task
static1
Behavioral task
behavioral1
Sample
3b0c047848ecb06e0f64f72c4cf5e5dd4d41853d9f0129b7e50adb73601ae12dN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3b0c047848ecb06e0f64f72c4cf5e5dd4d41853d9f0129b7e50adb73601ae12dN.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
3b0c047848ecb06e0f64f72c4cf5e5dd4d41853d9f0129b7e50adb73601ae12dN
-
Size
64KB
-
MD5
62a133e86d98e46f3c7bc0e4a8808eb0
-
SHA1
5ad0f15fa7fc971e95eb08ad9ef8cbaddb3df6e0
-
SHA256
3b0c047848ecb06e0f64f72c4cf5e5dd4d41853d9f0129b7e50adb73601ae12d
-
SHA512
4831054b7d0cf3d5077c29c9a88b7128aba1080456ebfc435f2d627f24aa90f25ffac9101d438b905cbbdde084170665724185ea31a88fcce4be424340d3147f
-
SSDEEP
1536:J0KcE91bU7NL8dwzVI0aG8ZlHpvnjMnWyGrPFW2iwTbW:z1gudw3j8ZlJPjuXyFW2VTbW
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-