Analysis
max time kernel: 121s
max time network: 121s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 15/10/2024, 01:34
Static task
static1: 1 signatures

Behavioral task
behavioral1
Sample: Minecraft Account stealer.exe
Resource: win7-20240903-en
1 signatures, 150 seconds

Behavioral task
behavioral2
Sample: Minecraft Account stealer.exe
Resource: win10v2004-20241007-en
4 signatures, 150 seconds
General
Target: Minecraft Account stealer.exe
Size: 180KB
MD5: 1e8422e8c641899ec3561532a6b07128
SHA1: eb1ad66f271f080a761a3a798333e0bf316fd3d1
SHA256: f0cca7432b527a9818822d8b5fd1180ec4046101cc5f1f405a56b72ff27fc754
SHA512: f7cc4b1577c92f3843a71d4a2ed244f2ff2dc7bc53c99c5e0ebfc36564b2cb8f74703c0056c50feb6d693945e3098ac8da8c845a2d1620f3f573dc3971826ed0
SSDEEP: 3072:w/THSgGC+f9DiUmCX+BvVTG8Lg29ieLAlF1h9AuAjc:qHFGT1VXINTG8LgAFAl7h9u
Score: 10/10
Malware Config
Extracted
Credentials
Protocol: smtp
Host: smtp.gmail.com
Port: 587
Username: [email protected]
Password: yugioh12345
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 1488 wrote to memory of 108 | 1488 | Minecraft Account stealer.exe | 31
PID 1488 wrote to memory of 108 | 1488 | Minecraft Account stealer.exe | 31
PID 1488 wrote to memory of 108 | 1488 | Minecraft Account stealer.exe | 31