Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
5b00fb007aa5f32d3988915ca620dcd2b8b294ab6c15351f875bc51bc8d609a4
-
Size
154KB
-
Sample
250117-ae2v4avqgx
-
MD5
1f4b546cb16987441246068d9c2383ce
-
SHA1
e5d7b0fe47c5229278a7a91b4b7dfc937d60bbb6
-
SHA256
5b00fb007aa5f32d3988915ca620dcd2b8b294ab6c15351f875bc51bc8d609a4
-
SHA512
6521db55eac53895d42a0b490b6da1dac8aa11b12f951ea3751dd892ef8f12d605551adb51bcc5d082915167321b8b1bbb206e9b5e2d3b4f78953ca838a57c18
-
SSDEEP
3072:O5NxdMj7DYOqLQJkZ6BZn0zNEkVRZS3Tn3icmK786HWy:AN03YOq6IPZEe3YLlD2y
Malware Config
Targets
-
-
Target
ONUS (4).exe
-
Size
219KB
-
MD5
4b571a5241c60fe43fe3819c6a9df813
-
SHA1
f6b2bd4a102e538b6b45a1d563304b831d2a9a9b
-
SHA256
0cc08a3fc33db7ed2075e49ac59ce9204a21ec8f2fe13559cbdc9cb77ca99289
-
SHA512
31740552db3de6b198960fb5c95794eda52b5bbf5f393eb053bd98c21d88258e34ea55fcde754b4173ed91bced87242f3d0f8dd3c93fed7c24c7810516e87e89
-
SSDEEP
3072:QArRIzPm7i7x2KhtCqE5bpcqiieyAd9g8QwyZ0+tvCiJ86AR+xx7CG9eeIUV:r4PO62KI5dcdield9grw0BH866cZeV
Score7/10-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-