Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

DOCUMENTOS...ml.exe

windows7-x64

7

DOCUMENTOS...ml.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    DOCUMENTOS DE ENTREGA_html.exe

  • Size

    674KB

  • Sample

    230802-wcbf1sgc63

  • MD5

    81949c85d77f76164cb360626ac65f64

  • SHA1

    64371e3863e8ceeb40eacdfdf6a695106b275753

  • SHA256

    79c75f759d9a8443bdf2bbde5741af34b30e4c94bfa15ccf42dcb58f851e9a47

  • SHA512

    cabf793c5e31dbfe6f295ec0860acf70c29c4c63f2f4a9770e3e1b103e72e20efe8a90ad1812d74ac1d490f3a8cb10d831252a8a205d091255031e3ad3963e24

  • SSDEEP

    12288:Lg7JXmSOlBvtD1IyEj6xn2G8ch9oOLDFEBhUvYkKltDfNWR:Lg7cSOTJ1gj6pmOKgvY9D

Score
7/10
spywarestealer

Malware Config

Targets

    • Target

      DOCUMENTOS DE ENTREGA_html.exe

    • Size

      674KB

    • MD5

      81949c85d77f76164cb360626ac65f64

    • SHA1

      64371e3863e8ceeb40eacdfdf6a695106b275753

    • SHA256

      79c75f759d9a8443bdf2bbde5741af34b30e4c94bfa15ccf42dcb58f851e9a47

    • SHA512

      cabf793c5e31dbfe6f295ec0860acf70c29c4c63f2f4a9770e3e1b103e72e20efe8a90ad1812d74ac1d490f3a8cb10d831252a8a205d091255031e3ad3963e24

    • SSDEEP

      12288:Lg7JXmSOlBvtD1IyEj6xn2G8ch9oOLDFEBhUvYkKltDfNWR:Lg7cSOTJ1gj6pmOKgvY9D

    Score
    7/10
    spywarestealer

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

      spywarestealer

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

      spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks