General

  • Target

    Scanned #00461070823.exe

  • Size

    631KB

  • Sample

    230815-pdq5jaaf28

  • MD5

    30443cbfdff4997867216993a2e03e6a

  • SHA1

    b9a25eabb89cdbcf747a7cf459bf371788a2bf02

  • SHA256

    e0ed5480649bac717c4ba8fd6e9ea5abb907870cfeb125d13de7e5fedf8fae7d

  • SHA512

    ce62e1e81b99a372278687db88c0272dafc059b7b836e29fa6891b10b41622bd48437216cde63bcae777f1d64d38d7bc244f83cba654ab041d0dfd1381d3b53d

  • SSDEEP

    12288:7hBpkogUNWIXK0N3TzJuv8I7cMcSfMPqvhYRqu7dtP:N2ujzJu9cMVfJJfu7L

Score
7/10

Targets

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Suspicious use of SetThreadContext
