General

  • Target

    NEAS.06e39601dade42d7f2afdcc5e1d18885.exe

  • Size

    3.3MB

  • Sample

    231115-t4k4escf25

  • MD5

    06e39601dade42d7f2afdcc5e1d18885

  • SHA1

    dbfab9aac699a55c0de4f2c529ff5255d4bbc58e

  • SHA256

    9be5390217c892e0c188238eb99c1e6191d82560d4a5548b843b28e13ace673d

  • SHA512

    352aaed4a9a1ad7464686cedefa059928af52aad1192a4760f03ebfe3c8654a54198a4bfdb401ad0450c5c58ebc9e870a4bca183d29f3bfc69aeac9b52d009f3

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBYB/bSqz8b6LNXJqI20tq/:sxX7QnxrloE5dpUprbVz8eLFcz1/

Targets

    • Target

      NEAS.06e39601dade42d7f2afdcc5e1d18885.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
