Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3e79ed8b90a2e350bc4097d3c5cf7c3a4631d2fa21500377790b7ef79ae03fca
-
Size
775KB
-
Sample
241121-y48lya1ncl
-
MD5
604f53a7bb3c0fe2169e438f300188f6
-
SHA1
d35e314bd9550f82457dd26097baebda006aef21
-
SHA256
3e79ed8b90a2e350bc4097d3c5cf7c3a4631d2fa21500377790b7ef79ae03fca
-
SHA512
d5e47b49f6bf4af12d9164a2690714c30354278794a5f86414f302c3a15d5e6f629190c7f12475573edad6bbb07c6d8d4f1e6fd1bcce7194402de320f9a64c3e
-
SSDEEP
12288:PvwLBMk5WzvkmOS7aS294CSAGlMqd1C7i69qpyr7bhYlKdAFsLYfivc9v:3wx5WrP7ddC3gMqdGiyqczhc1oYfie
Static task
static1
Behavioral task
behavioral1
Sample
7612746d01cffc33f8f613b57bf35822aad22277ca6c071efe990dadd2fbc853.exe
Resource
win7-20240903-en
Malware Config
Extracted
xloader
2.5
qr26
libreriarenemoreno.com
searingrofivt.xyz
liveincare-online.com
nahda92.com
oki-net.com
onlinedelivery.biz
marianiartspace.online
wildeblum.biz
adelaideofficeinteriors.com
plickthepick.com
qhyingtu.com
enjoy2m.xyz
037yu.xyz
poseidonvips.com
intricatepainting.com
cwdestore.com
nordic-aesthetics.com
80cq926.top
arbiz.farm
yun183.xyz
onboardaltdigitalavg.rest
daidalo.com
hnjst.net
mothersmilktn.com
sixfigurefundamentals.com
sentpostja.com
moonsonkashback.xyz
primelinedistanc.ltd
someglimpses.com
omniahgames.com
shabupaperpot.com
shepinhang.net
dcfrc.com
goldenrhythm.com
watchonlineplay.xyz
brisbanecarcollectors.com
northernlightdebtrelief.com
mmnbm.com
localmarketagents.com
alba-laser.com
miamitaxes1040.com
internaturalestetik.com
konjophotos.com
smartsew.online
jack-barbara-memorial.com
mimihin.com
cahc.info
vanlifedubai.com
sogu.one
phpmv.com
colorfulfluidchaos.com
sfheatpumps.com
mintbox.pro
sugarkelly.com
testimonial.direct
albayscofield.club
1ees.com
enrevologix.com
birchbayapartments.com
kincsemto.net
toptraveltouch.com
arrowelectronics-corp.net
institutozavaleta.com
stoneprodirectory.com
iwjvit.com
Targets
-
-
Target
7612746d01cffc33f8f613b57bf35822aad22277ca6c071efe990dadd2fbc853
-
Size
886KB
-
MD5
f508abf920fbd52e54dba67bcfd561ba
-
SHA1
e4b6476bbb722f0c6513284d827b9290d6056489
-
SHA256
7612746d01cffc33f8f613b57bf35822aad22277ca6c071efe990dadd2fbc853
-
SHA512
fcfb71e4745b40d5a0366295202bc1732578c38adb2ec605938ebb5fe06f4c9fa64e090a4d713453fed17bea3c3fe34f9342ee10c69b00ce9206fd4527c34ca3
-
SSDEEP
24576:6qyd9G4LZ5fO7p9zgAAdsyyq4ZZsVoAc:8d9G4tA9gAAdsdq4HV/
-
Xloader family
-
Xloader payload
-
Suspicious use of SetThreadContext
-