General

  • Target

    794cf7b533a4fc9b3ec9f38240ff944952e0e04b9275a510a495f8ec8df10556

  • Size

    1.4MB

  • Sample

    221201-2htsfaca6v

  • MD5

    b8c770530fbbf660c60f010bb41aea47

  • SHA1

    d80f9426ec9b8674b51067296708afd26f7c8dc1

  • SHA256

    794cf7b533a4fc9b3ec9f38240ff944952e0e04b9275a510a495f8ec8df10556

  • SHA512

    72dbcc949445a70dbf01d94d099310e43918f53e457af9f3b95cc0579b0173b667240fb417c277a4683659992bc465f819b33df4bb5d6ab182e2526d934bad79

  • SSDEEP

    24576:i8oaOEZREGtLrZRxC1fDrOF/xpZREGtLrZRxC1fDrOF/x:iKJZRdLw7rW/DZRdLw7rW/

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks