Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

a6d79208ff...59.exe

windows7-x64

a6d79208ff...59.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a6d79208ffd797d53bfaf8bebb9988f4400c138d0f3ecd466f6e6adb13cb4e59

  • Size

    759KB

  • Sample

    221125-l2766shd68

  • MD5

    d9ea4f8848c1349ce785e76c04f9c603

  • SHA1

    31933f0a34d0bdac3007b0248adfbe16916a9a7d

  • SHA256

    a6d79208ffd797d53bfaf8bebb9988f4400c138d0f3ecd466f6e6adb13cb4e59

  • SHA512

    ab257a38c41d4b1e32828ce418b238bbdba2ca969c5f66354a39958751ba2c9d72935a595901c890bcddb109de797042f7279e12b314967edcfd4db463d668ef

  • SSDEEP

    3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1

Score
10/10
persistencespywarestealer

Malware Config

Targets

    • Target

      a6d79208ffd797d53bfaf8bebb9988f4400c138d0f3ecd466f6e6adb13cb4e59

    • Size

      759KB

    • MD5

      d9ea4f8848c1349ce785e76c04f9c603

    • SHA1

      31933f0a34d0bdac3007b0248adfbe16916a9a7d

    • SHA256

      a6d79208ffd797d53bfaf8bebb9988f4400c138d0f3ecd466f6e6adb13cb4e59

    • SHA512

      ab257a38c41d4b1e32828ce418b238bbdba2ca969c5f66354a39958751ba2c9d72935a595901c890bcddb109de797042f7279e12b314967edcfd4db463d668ef

    • SSDEEP

      3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1

    Score
    10/10
    persistencespywarestealer

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Adds policy Run key to start application

      persistence

    • Executes dropped EXE

    • Sets file execution options in registry

      persistence

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks