Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b660ff6d5b64bb31076ff9b5011e819c2a34c4671746f2ebac9167729bcceb73
-
Size
1.1MB
-
Sample
221202-1286ssch4w
-
MD5
b76353f4f915d958df5617ac8c40ea67
-
SHA1
f565bad20741158afa83d4019ca9527afa1dbc64
-
SHA256
b660ff6d5b64bb31076ff9b5011e819c2a34c4671746f2ebac9167729bcceb73
-
SHA512
02c2a7e1d2ea6545ab608af8eed4b63c898339008a6b2e1fc6182eef27b1459de938d0edb5642b6187ace92b8ab399a333974e186dddf8357ff850f4b6cfc3b6
-
SSDEEP
24576:Etz8aJoW5Q4FA1If3x1bDPTnA52qmJwlpvj1ifNhLWp:iAA3XbPsIfNhLM
Malware Config
Targets
-
-
Target
b660ff6d5b64bb31076ff9b5011e819c2a34c4671746f2ebac9167729bcceb73
-
Size
1.1MB
-
MD5
b76353f4f915d958df5617ac8c40ea67
-
SHA1
f565bad20741158afa83d4019ca9527afa1dbc64
-
SHA256
b660ff6d5b64bb31076ff9b5011e819c2a34c4671746f2ebac9167729bcceb73
-
SHA512
02c2a7e1d2ea6545ab608af8eed4b63c898339008a6b2e1fc6182eef27b1459de938d0edb5642b6187ace92b8ab399a333974e186dddf8357ff850f4b6cfc3b6
-
SSDEEP
24576:Etz8aJoW5Q4FA1If3x1bDPTnA52qmJwlpvj1ifNhLWp:iAA3XbPsIfNhLM
Score8/10-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-