Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

clean(1).exe

windows7_x64

7

clean(1).exe

windows10_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    clean(1).exe

  • Size

    1.5MB

  • Sample

    210412-n8daa42e4x

  • MD5

    840e844757113c05dc8618397202f357

  • SHA1

    da645fea1df7fd2cb07f9e8bd388bdc6e04c4750

  • SHA256

    28fbc35964c5a137d5e4bb2c770fbc6674d26fe478e18a0759e0647a44cb0d54

  • SHA512

    4f8a30151fa0706df66c8d66cfa3c12f82a4dc08478fdc936c59552a962273c46f26ed823f5cd6c73ba078b95ed94e1dab762c932d97f73d6dca8669b9949018

Score
7/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      clean(1).exe

    • Size

      1.5MB

    • MD5

      840e844757113c05dc8618397202f357

    • SHA1

      da645fea1df7fd2cb07f9e8bd388bdc6e04c4750

    • SHA256

      28fbc35964c5a137d5e4bb2c770fbc6674d26fe478e18a0759e0647a44cb0d54

    • SHA512

      4f8a30151fa0706df66c8d66cfa3c12f82a4dc08478fdc936c59552a962273c46f26ed823f5cd6c73ba078b95ed94e1dab762c932d97f73d6dca8669b9949018

    Score
    7/10
    discoveryspywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks