General

  • Target

    ð¦utoplð¦y.exe

  • Size

    6.9MB

  • Sample

    230109-f72zfsgf61

  • MD5

    a69200b284447ee873c9c90f5d8dc559

  • SHA1

    75651b61d2001081b9563f70694374a5a8e01c14

  • SHA256

    5b952bf985fd96067d53c27f6b7322b16da25f3e71e6a2bda1a6dcb51dd72c6c

  • SHA512

    355c20d06a4872d5bce1b1c4470c8972844094ddc3484bdf6450114068b4f5b097197f5f7bbec94c5c4b7932e4b0bfbaaae1493c8e28e8ba96c9982e5946b646

  • SSDEEP

    196608:LGeBG6tJR1RyW/jiJSrS3YUTb167X5we2sLY8qafPcV62q/PhB:PBGs1csizByX5we2svquEV62iB

Targets

    • Target

      ð¦utoplð¦y.exe

    • Downloads MZ/PE file

      A network response delivered to the sample begins with the MZ header, i.e. it carries a Windows executable or DLL.

    • Loads dropped DLL

      The sample loads a DLL that it (or a process it spawned) wrote to disk during the run, rather than a library already present on the system.

    • Reads user/profile data of web browsers

      Infostealers commonly read the files in which browsers keep saved logins, cookies and autofill data, stored under each user's profile directory.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      Reads files or directories used by desktop cryptocurrency wallets, which typically hold encrypted key material or seed data.

    • Checks installed software on the system

      Looks up entries under the registry Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node and HKCU equivalents) to enumerate installed software, commonly to fingerprint the host or to detect security products and analysis tools.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      Calls NtSetInformationThread with the ThreadHideFromDebugger information class, which stops the calling thread from delivering debug events to an attached debugger; an anti-debugging technique rarely seen in benign software.
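
As an added example (not tria.ge's signature engine and nothing taken from the sample), the Python below implements detection logic for five of the behaviours above and runs it over a constructed event stream of the kind a sandbox file/registry/image-load/network trace would yield. The process id, paths, registry subkeys and URL in the constructed events are invented for illustration; the browser, wallet and Uninstall-key locations the rules match are the well-known ones. The "dropped DLL" rule correlates image loads against earlier file writes in the same trace, which assumes the trace contains only the sample's process tree.

```python
"""Toy re-implementation of the behavioural checks above (added example,
not tria.ge's engine), run over a constructed sandbox event stream."""
import re
from dataclasses import dataclass
from typing import Iterable, Optional


@dataclass(frozen=True)
class Event:
    kind: str           # file_write | file_read | image_load | reg_query | net_recv
    pid: int
    target: str         # file path, registry key, or URL for net_recv
    data: bytes = b""   # response body prefix for net_recv


# Well-known locations; the detector only matches these patterns.
UNINSTALL_KEY = re.compile(
    r"^HK(LM|CU)\\SOFTWARE\\(WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion"
    r"\\Uninstall(\\|$)", re.IGNORECASE)
BROWSER_DATA = re.compile(
    r"\\AppData\\Local\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)"
    r"\\User Data\\(.*\\)?(Login Data|Cookies|Web Data|Local State)$"
    r"|\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\[^\\]+"
    r"\\(logins\.json|key4\.db|cookies\.sqlite)$", re.IGNORECASE)
WALLET = re.compile(
    r"\\AppData\\Roaming\\(Exodus\\exodus\.wallet|Electrum\\wallets|Ethereum\\keystore)"
    r"(\\|$)", re.IGNORECASE)


def classify_download(body: bytes) -> Optional[str]:
    """'MZ/PE' if the body is a PE (MZ stub plus 'PE\\0\\0' at e_lfanew),
    'MZ only' if it starts with MZ but the PE signature cannot be confirmed
    (truncated capture or a non-PE MZ file), None otherwise."""
    if body[:2] != b"MZ":
        return None
    if len(body) >= 0x40:
        e_lfanew = int.from_bytes(body[0x3C:0x40], "little")
        if body[e_lfanew:e_lfanew + 4] == b"PE\x00\x00":
            return "MZ/PE"
    return "MZ only"


def detect(events: Iterable[Event]) -> list[tuple[str, int, str]]:
    hits: list[tuple[str, int, str]] = []
    written: set[str] = set()      # every path written during the trace
    enumerated: set[int] = set()   # pids already reported for Uninstall-key lookups
    for ev in events:
        key = ev.target.lower()
        if ev.kind == "file_write":
            written.add(key)
        elif ev.kind == "image_load":
            # "dropped" means written earlier in this same trace, not pre-existing
            if key.endswith(".dll") and key in written:
                hits.append(("loads_dropped_dll", ev.pid, ev.target))
        elif ev.kind == "file_read":
            if BROWSER_DATA.search(ev.target):
                hits.append(("reads_browser_profile_data", ev.pid, ev.target))
            if WALLET.search(ev.target):
                hits.append(("accesses_crypto_wallet", ev.pid, ev.target))
        elif ev.kind == "reg_query":
            # enumeration touches many subkeys; report once per process
            if UNINSTALL_KEY.match(ev.target) and ev.pid not in enumerated:
                enumerated.add(ev.pid)
                hits.append(("checks_installed_software", ev.pid, ev.target))
        elif ev.kind == "net_recv":
            verdict = classify_download(ev.data)
            if verdict:
                hits.append(("downloads_mz_pe", ev.pid, f"{ev.target} ({verdict})"))
    return hits


def sample_events() -> list[Event]:
    """Constructed trace for one process (pid 1234); not from the real sample."""
    pe_body = b"MZ" + b"\x00" * 58 + (0x40).to_bytes(4, "little") + b"PE\x00\x00"
    u = r"C:\Users\Admin"
    return [
        Event("net_recv", 1234, "http://198.51.100.7/update.bin", pe_body),
        Event("file_write", 1234, u + r"\AppData\Local\Temp\sqlite3.dll"),
        Event("image_load", 1234, u + r"\AppData\Local\Temp\sqlite3.dll"),
        Event("image_load", 1234, r"C:\Windows\System32\kernel32.dll"),
        Event("file_read", 1234, u + r"\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
        Event("file_read", 1234, u + r"\AppData\Roaming\Mozilla\Firefox\Profiles\x1y2.default-release\logins.json"),
        Event("file_read", 1234, u + r"\AppData\Roaming\Exodus\exodus.wallet\seed.seco"),
        Event("reg_query", 1234, r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
        Event("reg_query", 1234, r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"),
        Event("reg_query", 1234, r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"),
        Event("file_read", 1234, u + r"\Documents\notes.txt"),
    ]


if __name__ == "__main__":
    for rule, pid, detail in detect(sample_events()):
        print(f"{rule:28} pid={pid} {detail}")
```

The constructed trace yields six hits: the PE download, the load of the DLL the process itself dropped, two browser-profile reads, one wallet access and a single software-enumeration hit even though two Uninstall subkeys were queried. The kernel32.dll load, the Run key and the Documents read are left alone. The ThreadHideFromDebugger signature is not covered here because it needs API-call tracing rather than file or registry events: the equivalent check is a hook on NtSetInformationThread that flags information class 0x11 (ThreadHideFromDebugger).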
