Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    Artic X Roblox Exploit V1.0.3B_56403.exe

  • Size

    9.4MB

  • Sample

    230919-xhhmysbc8y

  • MD5

    231636ef3b0e6ec1a3847d24cb479875

  • SHA1

    14d4f515f029b932c3ce040990f67323dbfeed46

  • SHA256

    6edb725dd187a89987530e502a8b17bba1d38079e9d226fca734d5ae9e378c71

  • SHA512

    d0a7da440f0ca6be153c57f3de5c383fd43580b9dec8a433000e4bc853a53ad77d2643a7e7ed0669767f57df583c687d76dc6e483614238e90279a0e1e8f43a9

  • SSDEEP

    196608:jfjFb/8YLUNrqNzpOrymQ3bKfIiaNPFHNRsiK6e:LjFbE/NrqNgryL3bIIiEHMn6e

Malware Config

Targets

    • Target

      Artic X Roblox Exploit V1.0.3B_56403.exe

    • Size

      9.4MB

    • MD5

      231636ef3b0e6ec1a3847d24cb479875

    • SHA1

      14d4f515f029b932c3ce040990f67323dbfeed46

    • SHA256

      6edb725dd187a89987530e502a8b17bba1d38079e9d226fca734d5ae9e378c71

    • SHA512

      d0a7da440f0ca6be153c57f3de5c383fd43580b9dec8a433000e4bc853a53ad77d2643a7e7ed0669767f57df583c687d76dc6e483614238e90279a0e1e8f43a9

    • SSDEEP

      196608:jfjFb/8YLUNrqNzpOrymQ3bKfIiaNPFHNRsiK6e:LjFbE/NrqNgryL3bIIiEHMn6e

    • Downloads MZ/PE file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks for any installed AV software in registry

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks