General

  • Target

    NEAS.10b81265235cb48dbabf45d482c52630.exe

  • Size

    8.0MB

  • Sample

    231116-z2sclsgg8z

  • MD5

    10b81265235cb48dbabf45d482c52630

  • SHA1

    fd406b2bff9ac4abd36e1ba6ee366cf4575ee068

  • SHA256

    999b9b70d5078d72d6b018824ad58e53dd6703c1bd9fa9bc0a6ec46724450161

  • SHA512

    1d004444819bef2584d16c3bd1841cf4c86085c7e4649932cd5b4087f13725c7e9dd432fbc1b1419b2ece0515254a742b55957cf6c549f170002ec16531dcb69

  • SSDEEP

    196608:NoMl8D1jXgPo2S9+ULdNPtbuPZOOmnqogHh/p3k:kmw2SlLdNPt6ROOmqZn3k

Targets

    • Target

      NEAS.10b81265235cb48dbabf45d482c52630.exe

    • Drops file in Drivers directory

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops file in System32 directory
