Resubmissions

10/06/2023, 23:35

230610-3ladmsgg7y (score 10/10)

16/04/2023, 04:20

230416-ex772sae3v (score 7/10)

General

  • Target

    DamnedSetup.exe

  • Size

    61.7MB

  • Sample

    230610-3ladmsgg7y

  • MD5

    aa2f460f18b6182077ccaef14e1a32e0

  • SHA1

    6df435e09112594190dbdd39eb8b138b8c04b52c

  • SHA256

    82f99623c166564ee2da03402eb0b6c282d9df66128a441a8d0237893343eae1

  • SHA512

    d5de3e2aa2674f6fb22d8b02817df2575019a988e0b45506ebd056863131bb1abc421ebe97b7e860b61e26e8a50d67adabde6f585f2737815c079e5711da4b92

  • SSDEEP

    786432:/avyqjtvARFf/Mrj5bWb/nQoa8uioaOfHnNFKVWkkbvSAgJDWq8+ugGe0Wl7:EtvetMtinHaBHNYV6vSAuZ8fgGe0Wl7

Score
10/10

Malware Config

Targets

    • Detects EpsilonStealer ASAR

    • Epsilon Stealer

      Information stealer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks