General

  • Target

    file.exe

  • Size

    4.4MB

  • Sample

    230522-a3gvtsdb52

  • MD5

    6355c5f8f98ffd7042a07ed616a2bb34

  • SHA1

    c10c4de037d7c0aacce0acfdd02f012bff7233da

  • SHA256

    a4812a7dd2dd31471e590d7a45ddc945dfbd646512a048a39383427e8ea885cc

  • SHA512

    12778fdc50d26554f9ac06620aec6627c71c4afe1205ddf6aa1d8d1507e12cbe8a5d20c28053c0ff3e928787469e58bb4c90fb56544076aa21994212b4e9ee90

  • SSDEEP

    98304:V5OVT7lWSbmaQ2MRiRJsXmFb55E9SRoy6biRmUgCOjzO8Hoh8AqZ0:VQTzmaQ2MaVFbZyHbWWvO8HoL

Score
10/10

Malware Config

Targets

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, and similar artifacts.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6
