
General

  • Target

    NitroGift.exe

  • Size

    13.0MB

  • Sample

    230711-qy359sae21

  • MD5

    4844a731d2261069aef12777f18cf59e

  • SHA1

    2d5a1d27bca288b7488ee8a610283044758fb7d7

  • SHA256

    1dd9011c7f2faccae6b075e26c6c63977ef29ae1b761e6ba0a2479dc8a3de01e

  • SHA512

    10641e034b6f8551f9beb7d34f61e55bfb9b40802c8278561a141ea141c528a98173de99f4b0b95a81f2b386d0f3ee7963e2d9410dabac51918d6b4d0fdfc1f6

  • SSDEEP

    196608:dYfwccBDzf4LBIP6tdQmRJ8dA6lSuVaycBIGpEKo6hTOv+QKf0f4bOUfGlEf07O8:Xcszf490SdQuslSl9DoWOv+9fA4UEf

Malware Config

Targets

    • Target

      NitroGift.exe

    • Score

      7/10

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      main.pyc

    • Size

      29KB

    • MD5

      6a99bfecfca3d302c5e84fcffc17c2cb

    • SHA1

      e5ba4fbec7b12250114283f59f3ec6f63fcb6541

    • SHA256

      9c63041462f5807702cf3db884ae1e45f76a3ee9ed601439734f1864a0ac47d2

    • SHA512

      3a51941b73893a1d69f5897cc4a61ed8f74b51a304ec5286daa713cd842c225849d85f97b5f504a101e1446af982de6e1fbe7e1433697b17b57596adb8274b5f

    • SSDEEP

      768:pivl0d5jYDAlk+qA+GPiNq2V7OpIVFRvHr2phHPU+ImEKQlw7cC8kHC:kexjiqgSyVPVmVQlRii

    • Score

      3/10

MITRE ATT&CK Enterprise v6

Tasks