General

  • Target

    Nudes-Package.exe

  • Size

    61.6MB

  • Sample

    231013-3bqmwaeg71

  • MD5

    5878ff6a893ec47b030764f57a936570

  • SHA1

    a536f10d58839840c52864346770e07653a5e083

  • SHA256

    84de63be52b250f105faba956d156d281936ca549da87bb95481eb471153c5b9

  • SHA512

    5b598e96bfb799a3996c5d53a850037f628ba01062f54f7d78b557c4c54b624dcc9f0e6d79e8521ae56379738e205dfa62c995c5fba9684a60b94c627d4ec389

  • SSDEEP

    1572864:em60VAXfHPL5aaaN6bPQf7GU4znl3hcuaW460Eka:V68GHP9aPAa7GU4zl3hpaW460Eka

Score
7/10

Targets

    • Target

      Nudes-Package.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
