General

  • Target

    SetupDungeonShadow.rar

  • Size

    64.0MB

  • Sample

    230529-h9jxrsag3t

  • MD5

    73db1f18b96ab8c6508a4fd52592306e

  • SHA1

    ab10d6685e28750fd43be176bf6f4e6dcbfd5dce

  • SHA256

    1855c18921b201f23e3ca83e92d5a430b6ad0deb09103774aa0fe66ae74b7cb9

  • SHA512

    4efa91913f6f5c0f246d1a92a4744919c1ace2bce15f83df6a0f6550e42425540c76abbe2fe235a747911f349747795aa33496028ab395b78d77de1479d229a4

  • SSDEEP

    1572864:8jddrbW/qQpkqEragjwMVOY620hfgxRqmYs/32HhZ:MfW/qQpKTjrV9O9gWsGZ

Score
7/10

Malware Config

Targets

    • Target

      SetupDungeonShadow.exe

    • Size

      64.0MB

    • MD5

      36c884d9bab845bd8340aaac69175a6a

    • SHA1

      779e547ebba2f3d95f1710d6919410941ab7ba63

    • SHA256

      23949682baad321a3805f154825c11b4e3bdad067ec67aa92867c73addd65784

    • SHA512

      edd124d0014831dedbe2540250022dc4aa32097b46b43aa25f7e274c57aa13a72991150db396ab73b8814bf6a36578fda03ca421a749348fadd7576cfe2ba146

    • SSDEEP

      1572864:pjddrbW/qQpkqEragjwMVOY620hfgxRqmYs/32Hh:JfW/qQpKTjrV9O9gWsG

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
