General

  • Target

    loaris-setup.exe

  • Size

    1.1MB

  • Sample

    221030-znf3esbceq

  • MD5

    3557cbd1876ca6e2665c5b5282e1a871

  • SHA1

    9ea8435f4be459f3dc2eb5908ac8e54936f5298b

  • SHA256

    6109e72c382692c62e32882b58056f0b57539536d18e82467aebaab230fe2516

  • SHA512

    c2d74a0803f622b490f366072e8479adcb0b284a67b8be5c67c91cce2544033e3c82d535a8e1e99817a53ef71783d429749190b2852fe7c1109e06ddf39c4cb2

  • SSDEEP

    24576:QEKqgMrl/srreblmDFEYRNCnLlL/W2DNct:GSl/srKluEoQpL/WYNct

Malware Config

Targets

    • Target

      loaris-setup.exe

    • Size

      1.1MB

    • MD5

      3557cbd1876ca6e2665c5b5282e1a871

    • SHA1

      9ea8435f4be459f3dc2eb5908ac8e54936f5298b

    • SHA256

      6109e72c382692c62e32882b58056f0b57539536d18e82467aebaab230fe2516

    • SHA512

      c2d74a0803f622b490f366072e8479adcb0b284a67b8be5c67c91cce2544033e3c82d535a8e1e99817a53ef71783d429749190b2852fe7c1109e06ddf39c4cb2

    • SSDEEP

      24576:QEKqgMrl/srreblmDFEYRNCnLlL/W2DNct:GSl/srKluEoQpL/WYNct

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Registers COM server for autorun

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      out.upx

    • Size

      3.3MB

    • MD5

      669ac96beff87fecf0d19424c19bf230

    • SHA1

      8959e9e7afdeb2f94a7412501cc85c3f26d3a272

    • SHA256

      c23d5b537dc84ec275e43a0fc46c8b762ba82deac7a5110fd68242574b09baa7

    • SHA512

      14a53f15139b459024c7f72c21619bb204ae8713e5b1ffa0f1548a94ae8d777250bdd3e853d732a5d7a074846b36da5cad6e10781eac216266f969acc7a0928a

    • SSDEEP

      49152:iEdHK/HRsrPSJObikU4Lj2GjjawlnTAVL/WYNc3:Q/iLj2Gjjaw6L/WYNA

    Score
    1/10

MITRE ATT&CK Enterprise v6

Tasks