General
Target: JaffaCakes118_46ccd7e9a3a8e24617a1a4b86de35b63b78e7f3b2472e9f920dc0fc691835dcd
Size: 715KB
Sample: 241221-1jh7nazqew
MD5: c039a23e7e5edb457bfb956e0ed636e4
SHA1: 1d6e73d8cd6fd9a03e05b2ccb7c04d2348fa5afb
SHA256: 46ccd7e9a3a8e24617a1a4b86de35b63b78e7f3b2472e9f920dc0fc691835dcd
SHA512: e0e02d50c0b43607fc50b5bdb89cf33c759d71d14efcd495842d34b861921d83cc1803435e1090a89c9bf11756e5d15514789a65fc5c1c96d34609f75c84d6db
SSDEEP: 12288:5TISC1bCfTSEzVMWm1YdOhLrZE+9V6hXcZmrbzpPsfHxTT3i0nk8Y4yJDP9wCgxi:5TxC1OfBJwYdOhXK+8b9Pq5T3i0kBZ9R
Static task: static1
Behavioral task: behavioral1
Sample: 608355d27f442ae5c435b22fa9c5757fe324ad753eb48755cbd92b8aa1e161ee.exe
Resource: win7-20240903-en
Malware Config
Extracted
formbook
4.1
g25e
Targets
Target: 608355d27f442ae5c435b22fa9c5757fe324ad753eb48755cbd92b8aa1e161ee.exe
Size: 1014KB
MD5: 7d420aa49e35f1af9427ebb0ba555027
SHA1: c052fae4e080073d322aaaf185a35767d2c35c2f
SHA256: 608355d27f442ae5c435b22fa9c5757fe324ad753eb48755cbd92b8aa1e161ee
SHA512: b7f3c69c7ab137407d578fa41df21fdb3578ee6ea9f044f2a9555775059f6171f594d9ce229acd15d3625f813a9f85d521f84aa12b4a1671a3cf0f470ccce3c9
SSDEEP: 12288:IlIKqEaiIj/C51Wy+p9rokT3SQmu/fz3c5aSIOknAyanFtAxEcm8:4IDdjO1Wp9rokT3PHzMN9CAnPAxFm8
Formbook family
Formbook payload
Suspicious use of SetThreadContext