Resubmissions

22/12/2023, 10:03

231222-l3e7safdhj 8

22/12/2023, 08:56

231222-kv19lsgab9 7

14/08/2023, 12:27

230814-pmrsesca25 7

General

  • Target

    SetupImgBurn_2.5.7.0.exe

  • Size

    5.8MB

  • Sample

    231222-kv19lsgab9

  • MD5

    07213c58cbfef1ace1dc0b8dae4c976f

  • SHA1

    e1487d1bc73ac24a0f3d89bd6326056b1ab1f545

  • SHA256

    78f3c6c29aee2c929396a110dff21af45fac3563ea9108f136221a0107cb6ad5

  • SHA512

    eaf949f13f621c0de25f76aef6e2d17405e1d3e2b1e609001378f839d63b8203b29dc11c34bfb73e5731dbd186156e3dbab732c562d0196230aa3923ceec22ea

  • SSDEEP

    98304:9bmuw2tIql+hgomPSE2/a8ACkk1Dhl92Qk4f+7ZR+1kSGEwG71S4dQgo4:9/nnlMgo4SuzCkk1Dhl9xk4fOZk1H713

Malware Config

Targets

    • Target

      Device/HarddiskVolume1/Users/RinuThomas/Documents/Rkays office/PAAET/transas 01-2013 mfc & tgs/david krof/_INSTALL/SetupImgBurn_2.5.7.0.exe

    • Size

      5.8MB

    • MD5

      8b15eb749457b601495c87f465c525f4

    • SHA1

      13ddfa1862b74bdbbc06fc8766b36b9b73b25760

    • SHA256

      3b61ce3d5d75fe4a90313741cdfa71c47ba6543fc568ab3293ed33983ff717d8

    • SHA512

      370692e5d36d3fe4d4f42cd3d5d00987b54ca834582b6668f30d44beba1540ad1aa31f2429d0aac0350465b53e72f8ffc67ac459005b7f2a585e4219d4b2022f

    • SSDEEP

      98304:JlN/A476UGGtP3G0FWPuJeXIWPafmioWzyN52lop0vBmL+1fKdqFT0CHVHkVE29L:JH/6UGGRGUeuoXI/mioWzm5u2gcL+tFe

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials. This is a heuristic signature: it fires when browser profile paths are touched, which an installer can do without exfiltrating anything, so confirm against the file and network activity in the task details before treating it as credential theft.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified build of it.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

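The three enumeration signatures above (Uninstall key lookups, reads of non-C: drive roots, browser profile access) can be reproduced offline against a registry/file trace. The block below is an added example and is not tria.ge's signature code; the trace lines, the API names in them and the browser profile path list are constructed for illustration.

```python
import re
from typing import Iterable

# Constructed trace lines in "<api> <path>" form, loosely modelled on the
# registry/file activity a sandbox records. They are invented for this example
# and are not taken from the report above.
SAMPLE_EVENTS = [
    "RegOpenKeyExW HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
    "RegEnumKeyExW HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\SomeApp",
    "RegOpenKeyExW HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
    "RegOpenKeyExW HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run",
    "CreateFileW C:\\",
    "CreateFileW D:\\",
    "CreateFileW E:\\",
    "CreateFileW C:\\Users\\user\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data",
    "CreateFileW C:\\Windows\\System32\\example.dll",
]

# Per-machine Uninstall list (native and WOW6432Node views), matched either as
# the key itself or as one of its subkeys.
UNINSTALL_KEY = re.compile(r"\\CurrentVersion\\Uninstall(?:\\|$)", re.IGNORECASE)

# A bare drive root such as "D:\" (nothing after the backslash).
DRIVE_ROOT = re.compile(r"^([A-Za-z]):\\$")

# Well-known browser profile directories (assumed list; extend as needed).
BROWSER_PROFILE = re.compile(
    r"\\(?:Google\\Chrome|Microsoft\\Edge)\\User Data\\|\\Mozilla\\Firefox\\Profiles\\",
    re.IGNORECASE,
)


def parse(line: str) -> tuple[str, str]:
    """Split "<api> <path>" on the first space; paths may themselves contain spaces."""
    api, _, path = line.strip().partition(" ")
    return api, path


def uninstall_key_queries(events: Iterable[str]) -> list[str]:
    """Paths touched under the Uninstall key (installed-software enumeration)."""
    return [path for _, path in map(parse, events) if UNINSTALL_KEY.search(path)]


def non_c_drive_roots(events: Iterable[str]) -> list[str]:
    """Drive letters other than C whose bare root was opened, sorted."""
    roots = set()
    for _, path in map(parse, events):
        m = DRIVE_ROOT.match(path)
        if m and m.group(1).upper() != "C":
            roots.add(m.group(1).upper())
    return sorted(roots)


def browser_profile_reads(events: Iterable[str]) -> list[str]:
    """Paths inside a known browser profile directory."""
    return [path for _, path in map(parse, events) if BROWSER_PROFILE.search(path)]


def summarize(events: Iterable[str]) -> dict[str, int]:
    """Hit counts keyed by the signature names used in the report."""
    events = list(events)  # the trace may be a one-shot iterator; reuse it three times
    return {
        "Checks installed software on the system": len(uninstall_key_queries(events)),
        "Enumerates connected drives": len(non_c_drive_roots(events)),
        "Reads user/profile data of web browsers": len(browser_profile_reads(events)),
    }


if __name__ == "__main__":
    for name, hits in summarize(SAMPLE_EVENTS).items():
        print(f"{name}: {hits}")
```

All three are low-specificity heuristics: a legitimate installer reads the Uninstall list to detect a previous version and probes drive roots when offering an install location, and the browser signature triggers on a path open rather than on data leaving the host. Use the counts to decide what to look at in the task details, not as a verdict on their own.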
MITRE ATT&CK Enterprise v15

Tasks