Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Resubmissions

18/09/2022, 20:20

220918-y4pttsffcm 7

06/09/2022, 17:36

220906-v63xpaeaam 6

06/09/2022, 16:28

220906-tys7vadbdm 6

General

  • Target

    baae5bbaf2decf7af9b22c4d10f66c7c77c9ebc7b73476f7cbe449d2bba97ed9

  • Size

    510KB

  • Sample

    220918-y4pttsffcm

  • MD5

    ed6ef92fd6754103464e85fa2599c687

  • SHA1

    18e351964011ee9fc577c1d5e203ed26cd42be9d

  • SHA256

    baae5bbaf2decf7af9b22c4d10f66c7c77c9ebc7b73476f7cbe449d2bba97ed9

  • SHA512

    3412545ae57aaa36998810e1d996d69e79a11ebcf878ee58024ec5c9fa0ef3c4d4f96775212335e577bb753cf435689285a02872647cbcfb3789f2135dd9f65e

  • SSDEEP

    12288:0UWB0BhudkAHhly0Tbf/SA/q0U0SXBh2qnu6:cSBhudkAvTrSA/q30SXBh2+u6

Malware Config

Targets

    • Target

      baae5bbaf2decf7af9b22c4d10f66c7c77c9ebc7b73476f7cbe449d2bba97ed9

    • Size

      510KB

    • MD5

      ed6ef92fd6754103464e85fa2599c687

    • SHA1

      18e351964011ee9fc577c1d5e203ed26cd42be9d

    • SHA256

      baae5bbaf2decf7af9b22c4d10f66c7c77c9ebc7b73476f7cbe449d2bba97ed9

    • SHA512

      3412545ae57aaa36998810e1d996d69e79a11ebcf878ee58024ec5c9fa0ef3c4d4f96775212335e577bb753cf435689285a02872647cbcfb3789f2135dd9f65e

    • SSDEEP

      12288:0UWB0BhudkAHhly0Tbf/SA/q0U0SXBh2qnu6:cSBhudkAvTrSA/q30SXBh2+u6

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses Microsoft Outlook profiles

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks