Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

ant.exe

windows7-x64

7

ant.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ant.exe

  • Size

    69.1MB

  • Sample

    230520-rtfd3scg37

  • MD5

    c810638c5cf0160ce895b92a367c3cba

  • SHA1

    7120957143b3e0bab98a926fe7025167f2e057a2

  • SHA256

    ee8021a0ed837e2ff4f302bd75a537fac58a3c8fcef858aed8dc2d9abd2addc8

  • SHA512

    b940df085494264650b9d7d1e7b98cd0aea7c8412c8879bdd43f02da29fa2205da5ea4268c65aead749aadc50016342698d52aef8ead30940e47a369dc260997

  • SSDEEP

    1572864:XjddGvDfvlA7QSq5iJBthhAQaRAVvhHUzqkbeIq6o3LuduCym0L6:TGvDfvO7/q5iHzmQ++Z8qkbeIqz3Lu6O

Score
7/10
spywarestealer

Malware Config

Targets

    • Target

      ant.exe

    • Size

      69.1MB

    • MD5

      c810638c5cf0160ce895b92a367c3cba

    • SHA1

      7120957143b3e0bab98a926fe7025167f2e057a2

    • SHA256

      ee8021a0ed837e2ff4f302bd75a537fac58a3c8fcef858aed8dc2d9abd2addc8

    • SHA512

      b940df085494264650b9d7d1e7b98cd0aea7c8412c8879bdd43f02da29fa2205da5ea4268c65aead749aadc50016342698d52aef8ead30940e47a369dc260997

    • SSDEEP

      1572864:XjddGvDfvlA7QSq5iJBthhAQaRAVvhHUzqkbeIq6o3LuduCym0L6:TGvDfvO7/q5iHzmQ++Z8qkbeIqz3Lu6O

    Score
    7/10
    spywarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks