Resubmissions

13/01/2025, 00:39 UTC

250113-azpfhaxkdy 10

13/01/2025, 00:01 UTC

250113-aaz6psykfm 10

12/01/2025, 16:33 UTC

250112-t2lbeazlev 10

General

  • Target

    sro.exe

  • Size

    63KB

  • MD5

    25b9a545a50344fba6466a63b52eb19c

  • SHA1

    ebd591bc64b6ba9777615be2cd29e4df42440b3d

  • SHA256

    5ad73a02b37b04f6c0b245582a1dad17888d3c340626b1a094d6237a37ced49b

  • SHA512

    927769f4061045b6d86ceb16e32606288f4b8d8752d64d05f1d9c348ed818be0b6ad354194192945ed228655f0736204b566952c125d80a179c2353137a7b39e

  • SSDEEP

    768:QvsM2sk/978SQC8A+XjpVqt04utME31+T4RSBGHmDbDXphioXxuk2ByNhCfSu0dP:j1/Md87uliYUb1hbwXQNTu0dpqKmY7

Score
10/10

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

127.0.0.1:1111

http://daxon.giize.com:1111

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

    1Ww8aUCnuEwK3Qm4R1rYBnZKCrRjZclZ

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • sro.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


