General

  • Target

    Legacysurvival.exe

  • Size

    61.8MB

  • Sample

    231022-zlz3hscg2x

  • MD5

    ad1a360bd80604fb0bde1c21df7e25a3

  • SHA1

    05907fac216a0c1c7152af48c4456e0c2362da29

  • SHA256

    6ddff7c536c3f86f1067823ff7298ab6ca32a39f5e5b1dc8cc87a82b938ff260

  • SHA512

    e0a799ea18ef2536d6b94ecd5e860fffd707f0d57b42c3e88baa43d62125164bd60ba0e1c67ef5ec3d405e3bd3871236b6de5bd4171ba44b58e74e3fa2fe829b

  • SSDEEP

    1572864:Lm6UkjGIjlwHhqm421FUE553VO1vXW0H76mlagtJ:C6UkjhqHh+cuEHFORnblagtJ

Score
7/10

Targets

    • Target

      Legacysurvival.exe

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
