Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

4e6d9771fd...c6.exe

windows7-x64

1

4e6d9771fd...c6.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4e6d9771fd2295096882e6356ef1c54aad80e153cd0e6fe0c8e72f774c1eb8c6

  • Size

    168KB

  • Sample

    241121-ynbx2azphr

  • MD5

    80e06a0801c237ef1d494f7b3b102587

  • SHA1

    0c283c12898cbadc768b7753d0a8cd2b79a10eda

  • SHA256

    4e6d9771fd2295096882e6356ef1c54aad80e153cd0e6fe0c8e72f774c1eb8c6

  • SHA512

    2ef4b5ea2dc0663ed4560390d880498546e5ef0a5ec2dce60233e45c459ac359b80f4c9a87128232eae27f7aeae786dd857fabfe1a2043c8b7724356b335cf42

  • SSDEEP

    3072:SvJzqjdWswYi2Z8enC4MCvjtrXHNl8UBNHTbFlwe4yXnVh:SB6xNjMC7d3Nl8UDn/FnV

Score
10/10
xloaderbur5discoveryrat

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

bur5

Decoy

beroutes.com

sweetascaramelllc.com

aramarksvc.com

orientschoolmanagement.com

christmaspyjamaclub.com

jieshunfa.com

17yue.online

vezzigioielli.com

kamisr.com

allfivestarnails.com

guidedmemoryjournals.com

theezteeshirtdisplay.com

cardanocities.com

helcarpostos.com

voltage-restaurant-supply.xyz

533washingtonave.com

nuoertaijidian.com

touchpulsa.com

artgamble.ltd

negociosenlineamx.com

Targets

    • Target

      4e6d9771fd2295096882e6356ef1c54aad80e153cd0e6fe0c8e72f774c1eb8c6

    • Size

      168KB

    • MD5

      80e06a0801c237ef1d494f7b3b102587

    • SHA1

      0c283c12898cbadc768b7753d0a8cd2b79a10eda

    • SHA256

      4e6d9771fd2295096882e6356ef1c54aad80e153cd0e6fe0c8e72f774c1eb8c6

    • SHA512

      2ef4b5ea2dc0663ed4560390d880498546e5ef0a5ec2dce60233e45c459ac359b80f4c9a87128232eae27f7aeae786dd857fabfe1a2043c8b7724356b335cf42

    • SSDEEP

      3072:SvJzqjdWswYi2Z8enC4MCvjtrXHNl8UBNHTbFlwe4yXnVh:SB6xNjMC7d3Nl8UDn/FnV

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks