Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

61b43e0263...c4.exe

windows7-x64

1

61b43e0263...c4.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    61b43e0263b0f69e949aa8abec7fe73ed4728c7ef182b20895020510659f88c4

  • Size

    168KB

  • MD5

    48bc375445ed9fa2a42c2c9042d70b7e

  • SHA1

    205adec68bb55d46c4c1edfe2be2e698a9d6b645

  • SHA256

    61b43e0263b0f69e949aa8abec7fe73ed4728c7ef182b20895020510659f88c4

  • SHA512

    34925b51e638f9b13f8c963df116fa543eb5a85a834e85b78b9ac7aa5993733de6855e6a9faac17a66e69cda89f8591aa42e18ac30f775045e9d3f21d478d6fa

  • SSDEEP

    3072:HT+JK1EWLvqSUwBWou/niDQLA9v9VkgltT2rvqYap1ltC/sKAo3ZNx:HTvMc3u/iUKv9VkOifaN0VNx

Score
10/10
ratc6bixloader

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

c6bi

Decoy

jiasss.com

wendw.xyz

jagodi.com

piflytech.com

gate2-energy.com

customersandbuyers.com

idthuongfb32.com

savelakeohrid.info

chateaumignard.com

nakedaffection.com

taoluzhibo.ink

blockstorio.com

egdevils.online

milehui.xyz

gaminghallarna.com

crown-crossline.space

tancouj.quest

inimtc.com

mufustitch.com

thetwentiestea.com

Signatures

  • Xloader family
    xloader
  • Xloader payload 1 IoCs
    rat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 61b43e0263b0f69e949aa8abec7fe73ed4728c7ef182b20895020510659f88c4
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections