Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
7b86c2ac160e902e7b0a20601e826e42ba1ca67842fd50cadb80e1066e0d96a8N
-
Size
1.1MB
-
Sample
241006-ejmn7awerh
-
MD5
cabbc373d667baa3d5177a801b31d4c0
-
SHA1
c2e65610dded0cceb77a4b1e787dd4aa88fb1da4
-
SHA256
7b86c2ac160e902e7b0a20601e826e42ba1ca67842fd50cadb80e1066e0d96a8
-
SHA512
ea22ebd892f203b21e78a3c3ac8d67d7789416df6058caf4dfd8dd5c6b214b94e3257dbcce558477e680240e92e64a10811035d6536dba447388fd17a4f207ee
-
SSDEEP
24576:uRmJkcoQricOIQxiZY1WNQDDiNNL8M39HKElALX5TEO:7JZoQrbTFZY1WNQRMY0oXNT
Static task
static1
Behavioral task
behavioral1
Sample
7b86c2ac160e902e7b0a20601e826e42ba1ca67842fd50cadb80e1066e0d96a8N.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
7b86c2ac160e902e7b0a20601e826e42ba1ca67842fd50cadb80e1066e0d96a8N.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
Protocol: smtp- Host:
mail.gmx.com - Port:
587 - Username:
[email protected] - Password:
Lowywett1947**1
Extracted
vipkeylogger
Targets
-
-
Target
7b86c2ac160e902e7b0a20601e826e42ba1ca67842fd50cadb80e1066e0d96a8N
-
Size
1.1MB
-
MD5
cabbc373d667baa3d5177a801b31d4c0
-
SHA1
c2e65610dded0cceb77a4b1e787dd4aa88fb1da4
-
SHA256
7b86c2ac160e902e7b0a20601e826e42ba1ca67842fd50cadb80e1066e0d96a8
-
SHA512
ea22ebd892f203b21e78a3c3ac8d67d7789416df6058caf4dfd8dd5c6b214b94e3257dbcce558477e680240e92e64a10811035d6536dba447388fd17a4f207ee
-
SSDEEP
24576:uRmJkcoQricOIQxiZY1WNQDDiNNL8M39HKElALX5TEO:7JZoQrbTFZY1WNQRMY0oXNT
Score10/10-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-