Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

fc9327c9c2...9d.exe

windows7-x64

3

fc9327c9c2...9d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f7deab8a7d486c8051ef6c5289a0fbb8e21105c0e9e8420012bfc798b234614d

  • Size

    497KB

  • Sample

    241121-ytfheawmfz

  • MD5

    a51471c7a0a2dda01fbdd9c91ab2717e

  • SHA1

    4e1d0d876381eb210604333bb621a6565ec60887

  • SHA256

    f7deab8a7d486c8051ef6c5289a0fbb8e21105c0e9e8420012bfc798b234614d

  • SHA512

    efc101e70fc82df1913f28be8fba4da984a9663df4d084bccd29a9b534cce5ae617f7262d2afd33613a02992754ae493815b21b74a592d621196bb1829b90f06

  • SSDEEP

    12288:MyzJGw+koTwuPLhpmV5TlKTf4f8kJksCI64OqU7yctTgvBNDS2/SExU:MyzQNkWLPLhpWKT4BJ5CIxiltTAPdU

Score
10/10
xloader9mj8discoveryloaderrat

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

9mj8

Decoy

limaodoce.net

rawscrubshop.com

plasmalifesaver.com

littleblackbook4guys.com

emilyreiserinnovation.com

taoz8.com

68gin.com

markel-eagles.com

cinasing.com

meetingobjective.com

fameww.com

thehealthyroots.com

awaytraveltnpasumo2.xyz

megiamgia.net

kitelandpark.com

bgwoodtoys.com

slim.guide

tddfinancial.info

motovip.store

bestofmaui.guide

Targets

    • Target

      fc9327c9c20c9935b758f802d2386624055b63c69cf71c9de004f4e963188f9d

    • Size

      534KB

    • MD5

      d016cff8d0370b9418c2fe87f4548537

    • SHA1

      d771cbe33f2d8357af56bd8104fc42983dff5fec

    • SHA256

      fc9327c9c20c9935b758f802d2386624055b63c69cf71c9de004f4e963188f9d

    • SHA512

      4e1402d7a4af4249b110f537a921b840a5c0911a194db64aca334c3047be5e1f8033c183b4429c0ffdd8e9b84661c866e20d2dc1f35691929f3ff83b6f557dce

    • SSDEEP

      12288:aGuHDHNo3qS/+r4SZm49kJSxDf7aL+88I9skqfK:aGuHDHi3qS/nmQCf7aLNRshK

    Score
    10/10
    discoveryxloader9mj8loaderrat

    • Xloader

      Xloader is a rebranded version of Formbook malware.

      loaderxloader

    • Xloader family

      xloader

    • Xloader payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.