General

  • Target

    b2.exe

  • Size

    4.6MB

  • Sample

    230630-n9axraah9s

  • MD5

    2afcac7aaede32980c96fda99c8c8677

  • SHA1

    436e83ce6882e798e5bb6d89a31913285886d3a2

  • SHA256

    1cd60650fa3e560d8f7c80d4d059e669e64486bd3ca6daed52d8fdce14d0455b

  • SHA512

    5ccba16f2b31f1271487729c6d502529fa329d56dc126f080481d567c37c7ed68760c808e7fb6559293c65cf9ea8deca67ba2670a42a806d7e158ce79a513907

  • SSDEEP

    98304:DbcuGWyADhhIab1bvece79p6T215vhx8ovhqg4zi4RWouv60FFS7W:0dyhhIaZNeZy2Lb8Uf4G4EoE6t

Score
7/10

Malware Config

Targets

    • Target

      b2.exe

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, where infostealers often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks