Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    Invoice.exe

  • Size

    780KB

  • Sample

    230825-natwksch31

  • MD5

    8f640a0035e12ea1122856ae2c6e5eaf

  • SHA1

    bbca60cf2a5395b1ba00171251c114ad1f3736da

  • SHA256

    377113e1a7ba66c25bc72f9bd79e9dd26ecbb6c9128d07f2deed92a1f0803f25

  • SHA512

    2570b5677f10fbc8bb4153aba95e8f84878290948a26dfeef72d38794a7e16baee9ee88ee775a1687c6aedb414007d19629a1d933beb9a8b34dd76bdaba5b3be

  • SSDEEP

    12288:n8cpVgEe+AapAhPXX1eqOLWNV2YgGg6xIb4dupGOwI7AFQ4Sp:8cPgR3hPnIPLWXI3fqiDvEFSp

Score
7/10

Malware Config

Targets

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks