Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

9568c9d4f6...7b.exe

windows7-x64

1

9568c9d4f6...7b.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9568c9d4f60bdc5949169c2079ef5dd64ea211218bf894b43c646074769f3c7b

  • Size

    164KB

  • Sample

    241121-ytcfrawmfw

  • MD5

    719339e010de99c994600334cbc25254

  • SHA1

    185aebf945347dfd12618233cd7b3a2e9abe92f3

  • SHA256

    9568c9d4f60bdc5949169c2079ef5dd64ea211218bf894b43c646074769f3c7b

  • SHA512

    6183338faa6c0aa9f56a79e821c70da9ee09907a86d63381e24dbb526daa49e03a300018240f5dd1fa9f2581f846251c7a2528e8f2a10742cac7bc067d6e3692

  • SSDEEP

    3072:hiEb2GIdXLOCp1VvnS6P3NMoxStgX97kLBrZBSvRR5VzLVCA6CU7:vM1Rp1NS6vNMoxJ97kLh+vRR7zsA7U

Score
10/10
xloaderb62ndiscoveryrat

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

b62n

Decoy

childzplanet.com

nine8culture.com

yourfoodmenu.com

nxhxyzjy.com

nobelies.com

baetsupreme.net

indiadiscountedfares.com

iconnect-design.com

durston.store

sweetcreationsbyjp.com

ktieman.com

getvirtualaddress.com

cryptopoly-figures.com

minismi2.com

ricemoment.com

regionalhomescommercial.com

onelike.biz

d22.group

kwissleapp.com

cindyrandband.com

Targets

    • Target

      9568c9d4f60bdc5949169c2079ef5dd64ea211218bf894b43c646074769f3c7b

    • Size

      164KB

    • MD5

      719339e010de99c994600334cbc25254

    • SHA1

      185aebf945347dfd12618233cd7b3a2e9abe92f3

    • SHA256

      9568c9d4f60bdc5949169c2079ef5dd64ea211218bf894b43c646074769f3c7b

    • SHA512

      6183338faa6c0aa9f56a79e821c70da9ee09907a86d63381e24dbb526daa49e03a300018240f5dd1fa9f2581f846251c7a2528e8f2a10742cac7bc067d6e3692

    • SSDEEP

      3072:hiEb2GIdXLOCp1VvnS6P3NMoxStgX97kLBrZBSvRR5VzLVCA6CU7:vM1Rp1NS6vNMoxJ97kLh+vRR7zsA7U

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks