General

  • Target

    77a90478610c27bfc5d1c59e4d57f321de96504d8ee2e7787bd4b36065a06c12exe_JC.exe

  • Size

    880KB

  • Sample

    230805-ymgrwseb89

  • MD5

    8892023da568b32154a923d3db90437e

  • SHA1

    7d2939cfe310ad9b769df2b2afc494d188cdb34a

  • SHA256

    77a90478610c27bfc5d1c59e4d57f321de96504d8ee2e7787bd4b36065a06c12

  • SHA512

    43544bf471db2d50e2d823ace5c53ebc2de0c3a0b1ac2dfa4d2514363cfb2fbf05cb7c4553cff176fc94ab56e78bb4dec778c7dc0a95b5192381bdd730e5e4d6

  • SSDEEP

    12288:2kI6rALeeXXWczqmmVNFA0WVgXBE8pFBz/HrXXGAlz/zbwhm:2pHLjX3zEOVUKO/z/zXXgY

Score
7/10

Targets

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Suspicious use of SetThreadContext
