
General

  • Target

    SAT_DETALLES.jse

  • Size

    1.5MB

  • Sample

    230518-ycqbaace61

  • MD5

    b80eda713d874833ce8602797f153b4b

  • SHA1

    999db62072ef9ae69682317824506125cd9e2666

  • SHA256

    2cfc5721ed7487d96518c4aec56c0e74b8c55254947b3fffd5b3ca18a1d41b0a

  • SHA512

    bd5743d6efbad0fd03d48635b09eeb74a200cd21f554cd27e59060ba4e73d613adfd66dec8e97a52dc718f14e7ce6e80bf47aab162c232bfad707ea2fdc44c97

  • SSDEEP

    24576:iUDGATVfH4T9bXCMw0OOUZZur9J32okgKEWW5RtZIxlMHcwSAZZGIywUAFP4Rp7x:nxk9OMw0O9ZurawjtZMwLUGou3vxLe

Targets

    • Target

      SAT_DETALLES.jse

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Accesses Microsoft Outlook profiles
