Resubmissions

  • 30/06/2023, 00:41: 230630-a19g3age9t, score 8

  • 30/06/2023, 00:37: 230630-ayfrzaff67, score 6

General

  • Target

    Vega X_94306.exe

  • Size

    8.7MB

  • Sample

    230630-a19g3age9t

  • MD5

    d95304d22479d196942a8e188113884c

  • SHA1

    f9f88c60a21b7348dd4732134862b80eb324be60

  • SHA256

    cc8884209d49144b756c86a3a65385307c06415776863eeec0746438ff8d3e36

  • SHA512

    67ad51defe3912434e6c1e9002027517e30c1ff7ddf6592bef10bb14c232b96a234520d92b6666bb9f6cae74a6caa2bb02b7c6c708925dbdc17782a04eeb472a

  • SSDEEP

    196608:yIIQxYuxFeQFrqNYaG59Fa9FVDNWXVkHo/EZb:rI0PFLrqNYv529PDNs2Ho/EZb

Malware Config

Targets

    • Target

      Vega X_94306.exe

    • Downloads MZ/PE file

    • Modifies Installed Components in the registry

      Writes under HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components, a per-user run-once mechanism commonly abused for persistence.

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser data such as saved credentials, cookies and autofill entries.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks for any installed AV software in registry

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check to avoid running in certain regions.

MITRE ATT&CK Enterprise v6

Tasks