General

  • Target

    AnodonsGame.exe

  • Size

    62.3MB

  • Sample

    231011-sckg5sgd97

  • MD5

    c0636936eca5b1e26a0ea7355f27792e

  • SHA1

    097df5fe50c1a58b4a853b5b4ebfc0f59155b319

  • SHA256

    3d9e93b572bfd8779ff6ad74c3316bbbde0b5f97671566fad6ed97e59d2b0f31

  • SHA512

    2651019ed12dc3efb7d23665569c0954e488cf2e10118a48685d1336bfa6f7a3bdcefe11a7c5e7fde503125146637a81988b287bc334eb5f385ce6d2a87bcbc0

  • SSDEEP

    1572864:Sm649KMn8KQZNbvZrfFYC7jVdleLWiHxxD4gvp7fJa:R649KiPQbBFYWRH8WiHFp9a

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
