Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
50f072fd1dbe44db6c18f524a42723bacd5f5e1e046d36ac2a5be6629e00a153
-
Size
4.9MB
-
Sample
230328-qfjznscg9w
-
MD5
99f182634276ea2930bd52c5de269623
-
SHA1
e7183bec5f94403c75daf0175c2dc4faeffa30ce
-
SHA256
50f072fd1dbe44db6c18f524a42723bacd5f5e1e046d36ac2a5be6629e00a153
-
SHA512
a71bae98dee78ff1d44369d82c4bc53d046f669386d7ea65b60b3b928d1b28f92124e475d2ae6fc8ddddab4a751c4c6b3c33da4803b41c32d02f1411919c45db
-
SSDEEP
98304:s2T+CtWrLdY/urUVVj52hpvJ2XH83W5EhzzmzcNnq5OPPRb+W8g91otVxe2Nb6:PURjnJacvjqKJKpI2Nb
Malware Config
Targets
-
-
Target
50f072fd1dbe44db6c18f524a42723bacd5f5e1e046d36ac2a5be6629e00a153
-
Size
4.9MB
-
MD5
99f182634276ea2930bd52c5de269623
-
SHA1
e7183bec5f94403c75daf0175c2dc4faeffa30ce
-
SHA256
50f072fd1dbe44db6c18f524a42723bacd5f5e1e046d36ac2a5be6629e00a153
-
SHA512
a71bae98dee78ff1d44369d82c4bc53d046f669386d7ea65b60b3b928d1b28f92124e475d2ae6fc8ddddab4a751c4c6b3c33da4803b41c32d02f1411919c45db
-
SSDEEP
98304:s2T+CtWrLdY/urUVVj52hpvJ2XH83W5EhzzmzcNnq5OPPRb+W8g91otVxe2Nb6:PURjnJacvjqKJKpI2Nb
Score8/10-
Blocklisted process makes network request
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-