Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
TOP FREE BYPASSER.exe
Resource
win11-20250217-en
Behavioral task
behavioral2
Sample
TOP FREE BYPASSER.exe
Resource
win11-20250217-en
General
-
Target
TOP FREE BYPASSER.exe
-
Size
42KB
-
MD5
59abe1cbdc7e17862d6ab75df5d8eaf2
-
SHA1
ac58c202a279f3d175d2d35e9e4e605b1a2c0356
-
SHA256
e625a902a9b9ef31d21a6ec5caba611cc60bfcae80732018822e69eaa49ae60e
-
SHA512
7f1b4eef5850b13cf338fd0737c3aa4ba5f0501ce10639f2feb60c28eebedf7082dc12e3841d7737dbd9fc53636d37c91951a33fada06e2c0ea8dba40ee1eb3b
-
SSDEEP
768:MlMY8YKcKIEomMMuZJLb5TjNKZKfgm3Eh+U:FLYKcbceLb5TJF7EYU
Malware Config
Extracted
mercurialgrabber
https://discord.com/api/webhooks/1347141055732121690/e-EvRsMJVawTO-w1O-rDrN_E2vuW-Y_s69K_J4UvaiFv50l_kGqVgR7tbuyuStNVzMsz
Signatures
-
Mercurialgrabber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource TOP FREE BYPASSER.exe
Files
-
TOP FREE BYPASSER.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ