Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    main.exe

  • Size

    11.7MB

  • Sample

    231224-z8yg7segaq

  • MD5

    4b493a0327eea41a468ec32685eeba25

  • SHA1

    036bcbf9e1d777c68962ce3e6ff24fbe4acb03d6

  • SHA256

    82322372016b1c70f411ad0835fccf2a2a4cc10d34ec62dc52c0ae216ced4158

  • SHA512

    c8efae56ada521327b80c09a9cbf84604886ba999904c48d2e0318278e4a60357834f7ec2b3b41189dc85024101c7d7e5b6d713b151d75571bf4fc4b38ca9d8c

  • SSDEEP

    196608:+rD4RGdMjEznvLjv+bhqNVoB6Ck5c7GpNlI41J2mJLVk9ntlRbvOXiWCU0:hUdMjOjL+9qz86Ck+7q3D1Jq1bmXiWCU

Malware Config

Targets

    • Target

      main.exe

    • Size

      11.7MB

    • MD5

      4b493a0327eea41a468ec32685eeba25

    • SHA1

      036bcbf9e1d777c68962ce3e6ff24fbe4acb03d6

    • SHA256

      82322372016b1c70f411ad0835fccf2a2a4cc10d34ec62dc52c0ae216ced4158

    • SHA512

      c8efae56ada521327b80c09a9cbf84604886ba999904c48d2e0318278e4a60357834f7ec2b3b41189dc85024101c7d7e5b6d713b151d75571bf4fc4b38ca9d8c

    • SSDEEP

      196608:+rD4RGdMjEznvLjv+bhqNVoB6Ck5c7GpNlI41J2mJLVk9ntlRbvOXiWCU0:hUdMjOjL+9qz86Ck+7q3D1Jq1bmXiWCU

    Score
    7/10
    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks