General

  • Target

    965e4762099774891dae2545246cc445_JC.exe

  • Size

    76KB

  • Sample

    231012-1h43qsdf47

  • MD5

    965e4762099774891dae2545246cc445

  • SHA1

    b589a5c62a773acaf07285b6ed566d181bc2dbd4

  • SHA256

    07246af39caa4b793b01891460ddd554bac8cda2a2ecebd35e56e12459848afe

  • SHA512

    410ee4bd5a421fd5ae3191e5201907eead49580af8d50c61cd85a15f67c0b316ac832bc85507d3f96feebaf2cc3a34e8bde2edce85e5d68566a08fc3e1b2c7c1

  • SSDEEP

    1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTAtrq:ZhpAyazIlyazTAtrq

Targets

    • Target

      965e4762099774891dae2545246cc445_JC.exe

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.

    • Adds Run key to start application
