General

  • Target

    ChromeSetup.exe

  • Size

    1.3MB

  • Sample

    230520-xfqwjseb76

  • MD5

    742a5ae0a20a6beebbf2b50596da79f8

  • SHA1

    a800d228b6919d25f81503fc082c07255e4d98fa

  • SHA256

    0e2d0992082dcc57abcf15c92f9150824af6feb5015964cf16160b6b031e6b8c

  • SHA512

    acc7cfc7ad1ff479025bd4e63bb15a191ec7f569fb44de84bb1e1d48151cfade534ad052f9f7da98a56cb6f244cdf6e242aa081f94b4690d6ac7166281492897

  • SSDEEP

    24576:sw8K9hcxXwcUlINc6iZOmmdLBR92w0WqXJJ15XncyTdiG0KtR:YKzcxXMiNc7SpFS1BjioR

Targets

    • Target

      ChromeSetup.exe

    • Downloads MZ/PE file

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
