Resubmissions

29/12/2022, 21:44  221229-1lhnxaec32  7

29/12/2022, 21:39  221229-1hrgmshe3z  7

General

  • Target

    setup.exe

  • Size

    11.1MB

  • Sample

    221229-1lhnxaec32

  • MD5

    57b7e94de6ac64dfd63c7dce836fe73d

  • SHA1

    06f62b7ac78e858123932aee6fe9986a4a5a6e8f

  • SHA256

    f5c0ba21aedc485e001cc25b51e5b8ea5e682d4bb6bfd722e12b1d774832867f

  • SHA512

    598646fadbbf037e226233439c4ed9a495a57a8078522a08df5e0694907ffaa3a94649a863afde374c42b83f18408aeee1fe33e005d2e8a5970034e71e984063

  • SSDEEP

    196608:OdLaAX2gyJBd1obcnn1HXpeL2Vmd6+DWMTNfwZHYYAovCw/jLgMJIytDV93DBvng:6xdyJhoon13peL2Vmd6mWMBktCwoMJ/d

Malware Config

Targets

    • Target

      setup.exe

    Score
    7/10
    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill entries.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
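The five behaviours flagged above can be re-derived from sandbox-style event records. The following is an added example, not tria.ge's own signature logic: the event records, process id, file paths and hostnames are constructed for illustration, and the registry keys and IP-lookup services it matches on are common choices, not ones the report lists.

```python
"""Re-derive the behavioural signatures in this report from event records.

Added example. The EVENTS below are constructed for illustration and are not
taken from the tria.ge run; the matching rules are illustrative, not tria.ge's.
"""
import re
from collections import defaultdict
from typing import Dict, List, NamedTuple


class Event(NamedTuple):
    pid: int
    kind: str      # file_write | file_read | image_load | reg_read | http
    target: str    # path, registry key or request line


# Files written under the per-user or all-users Startup folder run at logon.
STARTUP_RE = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.I)

# Browser profile stores (Chromium "User Data", Firefox "Profiles") hold
# saved logins, cookies and autofill data that infostealers collect.
BROWSER_DATA_RE = re.compile(
    r"\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)\\User Data\\"
    r"|\\Mozilla\\Firefox\\Profiles\\",
    re.I,
)

# Registry keys that enumerate attached disks; read to fingerprint the host
# or detect a sandbox (assumed key list, not from the report).
DRIVE_KEYS_RE = re.compile(
    r"^HKLM\\SYSTEM\\(MountedDevices|CurrentControlSet\\Services\\Disk\\Enum)", re.I
)

# Public "what is my IP" services (assumed list, not from the report).
IP_LOOKUP_HOSTS = {"api.ipify.org", "icanhazip.com", "ifconfig.me",
                   "ip-api.com", "checkip.amazonaws.com"}
HOST_RE = re.compile(r"https?://([^/:\s]+)", re.I)


def detect(events: List[Event]) -> Dict[str, List[Event]]:
    """Return {signature name: [matching events]} for the signatures above."""
    hits: Dict[str, List[Event]] = defaultdict(list)
    dropped = set()  # every path written during the run, any process

    for ev in events:
        t = ev.target
        if ev.kind == "file_write":
            dropped.add(t.lower())
            if STARTUP_RE.search(t):
                hits["Drops startup file"].append(ev)
        elif ev.kind == "image_load":
            # Only a DLL the sample itself wrote earlier counts as "dropped".
            if t.lower().endswith(".dll") and t.lower() in dropped:
                hits["Loads dropped DLL"].append(ev)
        elif ev.kind == "file_read" and BROWSER_DATA_RE.search(t):
            hits["Reads user/profile data of web browsers"].append(ev)
        elif ev.kind == "reg_read" and DRIVE_KEYS_RE.match(t):
            hits["Maps connected drives based on registry"].append(ev)
        elif ev.kind == "http":
            m = HOST_RE.search(t)
            if m and m.group(1).lower() in IP_LOOKUP_HOSTS:
                hits["Looks up external IP address via web service"].append(ev)
    return dict(hits)


# Constructed event trace (pid, paths and hosts are made up for the example).
EVENTS = [
    Event(1204, "file_write", r"C:\Users\victim\AppData\Local\Temp\helper.dll"),
    Event(1204, "image_load", r"C:\Users\victim\AppData\Local\Temp\helper.dll"),
    Event(1204, "file_write", r"C:\Users\victim\AppData\Roaming\Microsoft\Windows"
                              r"\Start Menu\Programs\Startup\update.lnk"),
    Event(1204, "file_read", r"C:\Users\victim\AppData\Local\Google\Chrome"
                             r"\User Data\Default\Login Data"),
    Event(1204, "reg_read", r"HKLM\SYSTEM\MountedDevices"),
    Event(1204, "http", "GET https://api.ipify.org/?format=json"),
    # Negative cases: an ordinary request and a system DLL must not fire.
    Event(1204, "http", "GET https://example.net/payload"),
    Event(1204, "image_load", r"C:\Windows\System32\kernel32.dll"),
]

if __name__ == "__main__":
    for name, evs in detect(EVENTS).items():
        print(f"{name}: {len(evs)} event(s)")
        for ev in evs:
            print(f"    pid {ev.pid} {ev.kind} {ev.target}")
```

The "Loads dropped DLL" rule depends on ordering: the write must be seen before the load, so feed events in trace order. The host and key lists are deliberately short; in practice they are the part you tune, since a legitimate installer can also read MountedDevices or call an IP-lookup service.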

MITRE ATT&CK Enterprise v6

Tasks