General

  • Target

    484e733c82b00366cbaba5baa7e6ec72_JC.exe

  • Size

    801KB

  • Sample

    231011-xbmckagb96

  • MD5

    484e733c82b00366cbaba5baa7e6ec72

  • SHA1

    5e9eb7af894586d408b82a0b98a7d06b4cf5ff92

  • SHA256

    730a53e01d0b79f83223bc08dbe0145b78f6cd735407d073d104c8625182b9c5

  • SHA512

    d491d78a4cd5d61c41b739c2277bfd81ec2620e244be2703637105cbc1c9ccf7067a94f76eadf0d597dd11761e908a47a7a46bb66f77139e40e737e9a047854e

  • SSDEEP

    12288:CEQoSsQMhJxjSysXTnsiMGfJDCEE/2CZ1cKUWd53/6aQc8XZqe8o2It336kzFlWn:CEriTnDJBW1cKnd16aGZR8zIt336kz30

Malware Config

Targets

    • Target

      484e733c82b00366cbaba5baa7e6ec72_JC.exe

    • Checks computer location settings

      Reads the country code configured in the registry, most likely to geofence execution (the sample can refuse to run, or behave differently, on locales it wants to avoid).

    • Reads user/profile data of web browsers

      Opens browser profile stores (saved logins, cookies, autofill data). Infostealers harvest these because they hold credentials and session tokens for the victim's accounts.

    • UPX packed file

      The executable is packed with UPX or a modified build of the open-source UPX packer. Modified builds often rename the UPX0/UPX1 sections or alter the pack header, so stock `upx -d` may refuse to unpack it and a memory dump after the unpacking stub runs is the fallback.

    • Adds Run key to start application

      Writes a value under Software\Microsoft\Windows\CurrentVersion\Run so the sample is launched again at user logon (persistence).

    • Enumerates connected drives

      Attempts to read the root path of drives other than the default C: drive (D:\, E:\ and so on), a common precursor to collecting files from, or copying itself to, additional and removable volumes.
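
The "UPX packed file" signature above can be reproduced statically. The following is an added example, not tria.ge's detection code: it parses the PE section table directly, flags the UPX0/UPX1/UPX2 section names and the "UPX!" pack-header marker that stock UPX leaves behind, and falls back to a structural heuristic (a virtual-only first section followed by a high-entropy section) for modified builds that rename sections. The two PE images it runs on are constructed in the script for the demonstration; they are not the analysed sample and are not loadable executables.

```python
"""Static UPX check: section names, pack-header marker and a structural fallback."""
import math
import random
import struct

UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}
UPX_MARKER = b"UPX!"
SECTION_HDR = "<8sIIIIIIHHI"  # IMAGE_SECTION_HEADER, 40 bytes


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte: 8.0 for uniform random data, 0.0 for a single repeated value."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def pe_sections(data: bytes):
    """Walk DOS header -> PE signature -> COFF header -> section table.

    Returns [(name, VirtualSize, SizeOfRawData, PointerToRawData), ...].
    """
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    # IMAGE_FILE_HEADER: NumberOfSections at +2, SizeOfOptionalHeader at +16
    num_sections, size_opt = struct.unpack_from("<H12xH", data, coff + 2)
    table = coff + 20 + size_opt
    sections = []
    for i in range(num_sections):
        name, vsize, _vaddr, rsize, rptr, *_ = struct.unpack_from(SECTION_HDR, data, table + 40 * i)
        sections.append((name.rstrip(b"\0").decode("ascii", "replace"), vsize, rsize, rptr))
    return sections


def detect_upx(data: bytes) -> dict:
    """Return the evidence found plus a combined verdict."""
    sections = pe_sections(data)
    upx_names = [s[0] for s in sections if s[0] in UPX_SECTION_NAMES]
    marker = UPX_MARKER in data[:0x1000]  # stock UPX stores its pack header in the PE header area
    entropy = {name: shannon_entropy(data[rptr:rptr + rsize])
               for name, _, rsize, rptr in sections if rsize}
    # Structural fallback for renamed sections: UPX reserves the unpacked image as a
    # virtual-only first section (SizeOfRawData == 0) and stores the compressed payload
    # in a high-entropy second section.
    first_virtual_only = bool(sections) and sections[0][1] > 0 and sections[0][2] == 0
    high_entropy = [n for n, e in entropy.items() if e > 7.0]
    return {
        "upx_sections": upx_names,
        "upx_marker": marker,
        "section_entropy": entropy,
        "packed": bool(upx_names) or marker or (first_virtual_only and bool(high_entropy)),
    }


def build_sample_pe(packed: bool) -> bytes:
    """Constructed minimal PE32 image for the demo (not the analysed sample, not loadable)."""
    rng = random.Random(0x5EED)  # deterministic "compressed" payload
    if packed:
        layout = [("UPX0", 0x10000, 0x1000, 0, 0x200),      # virtual-only, no raw data
                  ("UPX1", 0x8000, 0x11000, 0x400, 0x200),  # compressed payload + stub
                  (".rsrc", 0x200, 0x19000, 0x200, 0x600)]
        payload = bytes(rng.getrandbits(8) for _ in range(0x400))
    else:
        layout = [(".text", 0x400, 0x1000, 0x400, 0x200),
                  (".data", 0x200, 0x2000, 0x200, 0x600),
                  (".rsrc", 0x200, 0x3000, 0x200, 0x800)]
        payload = b"\x55\x8b\xec\x90" * 0x100  # repetitive, low-entropy "code"
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(layout), 0, 0, 0, 0xE0, 0x102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (0xE0 - 2)  # PE32 optional header, zeroed
    table = b"".join(struct.pack(SECTION_HDR, n.ljust(8, "\0").encode(), vs, va, rs, rp,
                                 0, 0, 0, 0, 0x60000020)
                     for n, vs, va, rs, rp in layout)
    header = dos + b"PE\0\0" + coff + opt + table
    if packed:
        header += UPX_MARKER  # pack header sits right after the section table
    header = header.ljust(0x200, b"\0")
    rsrc = b"\0" * 0x200
    if packed:
        return header + payload + rsrc
    return header + payload + b"\0" * 0x200 + rsrc


if __name__ == "__main__":
    for label, image in (("upx-like", build_sample_pe(True)), ("plain", build_sample_pe(False))):
        print(label, detect_upx(image))
```

On a real file, read it in binary mode and pass the bytes to `detect_upx`; treat the structural fallback as a hint rather than proof, since other packers and self-extracting stubs produce the same shape.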

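The four behavioural signatures in the target list (location check, browser profile access, Run key, drive enumeration) can be reproduced from a process trace. The script below is an added example, not tria.ge's signature engine: it runs simple path/operation rules over a Procmon-style CSV export and groups hits per process. The registry and file paths in the rules are the ones these behaviours normally touch on Windows (assumed here, and deliberately a short list), and the trace it parses is constructed for the demonstration rather than captured from the analysed sample.

```python
"""Behavioural triage rules run over a Procmon-style CSV trace."""
import csv
import io
import re
from collections import defaultdict

# Each rule: (signature name, Procmon operations that count, path pattern).
# Failed attempts count too: the sandbox signature is about the attempt, not the result.
RULES = [
    ("Checks computer location settings",
     {"RegQueryValue", "RegOpenKey"},
     re.compile(r"\\Control Panel\\International\\(Geo\\(Nation|Name)|sCountry)$", re.I)),
    ("Reads user/profile data of web browsers",
     {"CreateFile", "ReadFile"},
     re.compile(r"\\AppData\\(Local\\(Google\\Chrome|Microsoft\\Edge)\\User Data\\.*\\"
                r"(Login Data|Cookies|Web Data)"
                r"|Roaming\\Mozilla\\Firefox\\Profiles\\.*\\(logins\.json|key4\.db|cookies\.sqlite))$",
                re.I)),
    ("Adds Run key to start application",
     {"RegSetValue"},
     re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\[^\\]+$", re.I)),
    ("Enumerates connected drives",
     {"CreateFile", "QueryInformationVolume"},
     re.compile(r"^[A-BD-Z]:\\$", re.I)),  # any drive root except C:\
]

# Constructed Procmon-style export (columns as Procmon writes them); not a real capture.
SAMPLE_TRACE = r"""Time of Day,Process Name,PID,Operation,Path,Result
10:02:11.0010,484e733c82b00366cbaba5baa7e6ec72_JC.exe,3212,CreateFile,C:\Windows\System32\kernel32.dll,SUCCESS
10:02:11.0042,484e733c82b00366cbaba5baa7e6ec72_JC.exe,3212,RegQueryValue,HKCU\Control Panel\International\Geo\Nation,SUCCESS
10:02:11.0050,484e733c82b00366cbaba5baa7e6ec72_JC.exe,3212,RegQueryValue,HKCU\Control Panel\International\Geo\Name,SUCCESS
10:02:11.1203,484e733c82b00366cbaba5baa7e6ec72_JC.exe,3212,CreateFile,C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data,SUCCESS
10:02:11.1210,484e733c82b00366cbaba5baa7e6ec72_JC.exe,3212,CreateFile,C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\x1y2z3ab.default-release\logins.json,NAME NOT FOUND
10:02:11.2001,484e733c82b00366cbaba5baa7e6ec72_JC.exe,3212,RegSetValue,HKCU\Software\Microsoft\Windows\CurrentVersion\Run\WinUpdate,SUCCESS
10:02:11.2500,484e733c82b00366cbaba5baa7e6ec72_JC.exe,3212,CreateFile,C:\,SUCCESS
10:02:11.2510,484e733c82b00366cbaba5baa7e6ec72_JC.exe,3212,CreateFile,D:\,SUCCESS
10:02:11.2520,484e733c82b00366cbaba5baa7e6ec72_JC.exe,3212,CreateFile,E:\,NAME NOT FOUND
10:02:12.0000,explorer.exe,1120,CreateFile,C:\Users\victim\Desktop,SUCCESS
"""


def classify_trace(csv_text: str) -> dict:
    """Map (process name, pid) -> {signature name: [matching paths]}."""
    hits = defaultdict(dict)
    for row in csv.DictReader(io.StringIO(csv_text)):
        op, path = row["Operation"], row["Path"]
        for name, ops, pattern in RULES:
            if op in ops and pattern.search(path):
                key = (row["Process Name"], int(row["PID"]))
                hits[key].setdefault(name, []).append(path)
    return dict(hits)


def signatures_for(csv_text: str, process_name: str) -> list:
    """Sorted, de-duplicated signature names fired by every instance of a process."""
    found = set()
    for (name, _pid), sigs in classify_trace(csv_text).items():
        if name == process_name:
            found.update(sigs)
    return sorted(found)


if __name__ == "__main__":
    for (proc, pid), sigs in classify_trace(SAMPLE_TRACE).items():
        print(f"{proc} (pid {pid})")
        for sig, paths in sigs.items():
            print(f"  {sig}: {len(paths)} event(s), e.g. {paths[0]}")
```

The C:\ root and the kernel32.dll load are in the trace on purpose: neither matches a rule, which is the check that the drive rule really excludes the system drive and that ordinary DLL loads do not fire the browser rule. Extending the path lists (other Chromium browsers, HKLM Run keys, WOW6432Node) is where real-world coverage comes from.
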
MITRE ATT&CK Enterprise v15

Tasks