Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

setup/rpg-eve.exe

windows7-x64

1

setup/rpg-eve.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    setup.zip

  • Size

    41.5MB

  • Sample

    221122-spesesbh7z

  • MD5

    2f1dd1f30aab07c24c9239a804a5028b

  • SHA1

    ca2c5e4dac5ca09b9de6d4e7511d0f6f913cf2ec

  • SHA256

    17d8bfa6ade24e9d22099031cd92a6ffcb385d2f90ef3c69ba9652a6c4d5896c

  • SHA512

    12fb7036f94f42c55e486a931bbdbef7584bacc5ab737c3e65d3d1d93afe2b3e62e6b3315791bbc197e10aa697ba093a5a10855b7f2b01be8022f4e4ce62c193

  • SSDEEP

    786432:5PtHsVoE3guPvR4G9cOl02WdimzbeEqLrv/iFKLdipl4gi/+RCmUDj:51gv3XX59h04akXSuipugi2P4j

Score
7/10
spywarestealer

Malware Config

Targets

    • Target

      setup/rpg-eve.exe

    • Size

      44.3MB

    • MD5

      1b8ab65ba110efe944cc87e8785f451f

    • SHA1

      aea4e61cf59aeed4a73a097d2b177113f76c997e

    • SHA256

      a7554d4a26ab500231d81d452eaf4a3a2209720da96f0f1401d2accc008fa1a6

    • SHA512

      c1d062a59a340386854226b2dc180e49a4853572a580b44d502b23cda5282adaaa40eb3ed5c3251b5853ecb14a05d91e559eca41ac6ca6ecf5625d1ee0a8b96e

    • SSDEEP

      786432:hx7blFrUB+quAZrY6XGk2NX7ljLmGc16WU:hRblBDqlJJ2F5RcgWU

    Score
    7/10
    spywarestealer

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks