General

  • Target

    NEAS.1efc0e1d03c7c7c3783aa5d49679a810.exe

  • Size

    4.0MB

  • Sample

    231102-t64zbaff7s

  • MD5

    1efc0e1d03c7c7c3783aa5d49679a810

  • SHA1

    2288313b7c092a0561cd788b64fd6a7c12a38288

  • SHA256

    c5bd60e1499f7fd1e9732a8a188d2dae2d7b1269ee3713f05dd39374bf97692d

  • SHA512

    39d75ec31cdf87ce402e72ee057cc5dba36f0a2a1e080063c67886f4a423e14c5f3dd8d3d5e32c1b476a60a4a3360cca74343de49577ce75064653499ac19526

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBmB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUpBbVz8eLFcz

Targets

    • Target

      NEAS.1efc0e1d03c7c7c3783aa5d49679a810.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
