General

  • Target: CrackedLB-PHONE.rar
  • Size: 18.2MB
  • MD5: 0f5619c7dbe2a736b93417e3dbca93e4
  • SHA1: 4f23afc94d5ec6925256f6e79c575356d5cb335f
  • SHA256: 9fa85129c0997203f7b60493778a0a93a46b5165cd1cb13e826605b25a502fc7
  • SHA512: 5a4bbfb0cc63ac06b4fd91061aba2458137d043994685901edc18efc19d5d84d9cc781fa6fafd7270a69a40bebc7526b96699c4623ec0933a7bc8476bb20dc88
  • SSDEEP: 393216:nuFvY7FLmM+ekiaDWHozUQ14bAG93dUMGhhQIdM7673A:nfKqki/cX14bAidVLO7Q

Score
10/10

Signatures

  • Detects Empyrean stealer 1 IoCs
  • Empyrean family
  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • CrackedLB-PHONE.rar
    .rar
  • Cracked LB-PHONE/client/tool-formats.dll
    .dll windows:6 windows x64 arch:x64

    65541f5aaf4f0df8c24cf073b67233bc


  • Cracked LB-PHONE/client/tool-vehrec.dll
    .dll windows:6 windows x64 arch:x64

    be5abafa9a8d38dc87424387710b234c


  • Cracked LB-PHONE/client/vfs-core.dll
    .dll windows:6 windows x64 arch:x64

    8f1b64e4123962e04cd4315f7ca5b458


  • Cracked LB-PHONE/client/voip-server-mumble.dll
    .dll windows:6 windows x64 arch:x64

    1c64ded5a749776a327cc948d4cdfd86


  • Cracked LB-PHONE/readme.txt
  • Cracked LB-PHONE/setup.exe
    .exe windows:5 windows x64 arch:x64

    1e92fd54d65284238a0e3b74b2715062


  • main.pyc