Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4e6d9771fd2295096882e6356ef1c54aad80e153cd0e6fe0c8e72f774c1eb8c6
-
Size
168KB
-
MD5
80e06a0801c237ef1d494f7b3b102587
-
SHA1
0c283c12898cbadc768b7753d0a8cd2b79a10eda
-
SHA256
4e6d9771fd2295096882e6356ef1c54aad80e153cd0e6fe0c8e72f774c1eb8c6
-
SHA512
2ef4b5ea2dc0663ed4560390d880498546e5ef0a5ec2dce60233e45c459ac359b80f4c9a87128232eae27f7aeae786dd857fabfe1a2043c8b7724356b335cf42
-
SSDEEP
3072:SvJzqjdWswYi2Z8enC4MCvjtrXHNl8UBNHTbFlwe4yXnVh:SB6xNjMC7d3Nl8UDn/FnV
Malware Config
Extracted
xloader
2.5
bur5
beroutes.com
sweetascaramelllc.com
aramarksvc.com
orientschoolmanagement.com
christmaspyjamaclub.com
jieshunfa.com
17yue.online
vezzigioielli.com
kamisr.com
allfivestarnails.com
guidedmemoryjournals.com
theezteeshirtdisplay.com
cardanocities.com
helcarpostos.com
voltage-restaurant-supply.xyz
533washingtonave.com
nuoertaijidian.com
touchpulsa.com
artgamble.ltd
negociosenlineamx.com
Signatures
-
Xloader family
-
Xloader payload 1 IoCs
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4e6d9771fd2295096882e6356ef1c54aad80e153cd0e6fe0c8e72f774c1eb8c6
Headers
Sections