General

  • Target

    5f8aaf342051afd5949aa5119134405d

  • Size

    12.3MB

  • Sample

    231226-kapebaacc8

  • MD5

    5f8aaf342051afd5949aa5119134405d

  • SHA1

    0f403390eb2dd0187347c0598fe553b538e202d0

  • SHA256

    5f1d73602982331b76d49f123d1defdf29c394c7a84571b1834afeb2690dcadc

  • SHA512

    d85d545763ded0dc285460a0822b60912115185d630dbd4e9914e02354bd42695bf58763cb469c1c1bafa7359a420ae1f289a023af350f18f905c4fd95599548

  • SSDEEP

    393216:4QQBBFwWWEpCEDLJ83a10RtN3ZWbs1TJ2KsD:4QKFwW3pCEDtEa6tN3KO

Malware Config

Targets

    • Target

      5f8aaf342051afd5949aa5119134405d

    Score: 7/10

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks