Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
15b530a4f4a309ae537873ef1317476c788d1222a3b4cf4b3f6e3aa3e60bbc7b
-
Size
494KB
-
Sample
221020-n98h1scgfr
-
MD5
963383bf67029c42d33c0c98fc1c0860
-
SHA1
78b0b4ab6f19ddd86965169fb387a470b52415f7
-
SHA256
15b530a4f4a309ae537873ef1317476c788d1222a3b4cf4b3f6e3aa3e60bbc7b
-
SHA512
6d3bed1bde87dfba0d43eeebe8722b00e6c235d28f1810b7c65eaaa6ab7ff876569d0d6353c93ca4f040b57c17f8de9ddeb553a7f91581701c2bd797e02f8ec0
-
SSDEEP
12288:eOiR3CeCMyLcQNTl0xNLQVNA6Q42Ip3mbUeUlO02lUZG:eOEyLuxaV1vp3N2H
Malware Config
Targets
-
-
Target
15b530a4f4a309ae537873ef1317476c788d1222a3b4cf4b3f6e3aa3e60bbc7b
-
Size
494KB
-
MD5
963383bf67029c42d33c0c98fc1c0860
-
SHA1
78b0b4ab6f19ddd86965169fb387a470b52415f7
-
SHA256
15b530a4f4a309ae537873ef1317476c788d1222a3b4cf4b3f6e3aa3e60bbc7b
-
SHA512
6d3bed1bde87dfba0d43eeebe8722b00e6c235d28f1810b7c65eaaa6ab7ff876569d0d6353c93ca4f040b57c17f8de9ddeb553a7f91581701c2bd797e02f8ec0
-
SSDEEP
12288:eOiR3CeCMyLcQNTl0xNLQVNA6Q42Ip3mbUeUlO02lUZG:eOEyLuxaV1vp3N2H
Score10/10-
Modifies WinLogon for persistence
-
Modifies visibility of file extensions in Explorer
-
UAC bypass
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Drops file in System32 directory
-