General

  • Target

    99acb2fe9bb5edfd4c6fe26a21deb78e.bin

  • Size

    15.8MB

  • Sample

    231229-chsgyacacl

  • MD5

    99acb2fe9bb5edfd4c6fe26a21deb78e

  • SHA1

    b459619e16196d0c9b51dee1ee907f5b03c0701e

  • SHA256

    29864c1ad3d7b31fea238ca3c74d35d6f6c67f96dff1b0dd3545f20516ca0f11

  • SHA512

    182b208f5a96fdae4b288d49962f02baff577f0b623ae21cacacf837a3ad7a10c8b514abd8cf94b83697e1246b6876fb9d11e24e8c143c79fbb6563ffeb2c43f

  • SSDEEP

    393216:3iIE7Yo9+4urntpUTLfhJsW+eGQRe9jo7BGcZm3/q66WCD6:M7r9+RTHUTLJSW+e5Re9MlVD6
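
Before acting on this report, confirm that the file in hand is the sample it describes. The following Python script is an added example (not part of the tria.ge page and not Triage's code): it hashes a file in a single chunked pass with MD5, SHA1, SHA256 and SHA512 and compares the results against the digests listed above. The SSDEEP fuzzy hash is omitted because it needs the third-party `ssdeep` module; the filename default is the target name from this report, and the test inputs are constructed.

```python
import hashlib
import io
from typing import Dict

# Digests exactly as listed in the General section of this report.
REPORTED = {
    "md5": "99acb2fe9bb5edfd4c6fe26a21deb78e",
    "sha1": "b459619e16196d0c9b51dee1ee907f5b03c0701e",
    "sha256": "29864c1ad3d7b31fea238ca3c74d35d6f6c67f96dff1b0dd3545f20516ca0f11",
    "sha512": "182b208f5a96fdae4b288d49962f02baff577f0b623ae21cacacf837a3ad7a10c"
              "8b514abd8cf94b83697e1246b6876fb9d11e24e8c143c79fbb6563ffeb2c43f",
}
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_stream(fileobj, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Compute all four digests in one pass over a binary stream.

    A 15.8MB sample is small, but feeding every hasher from the same chunk
    loop keeps memory flat and works unchanged for multi-gigabyte dumps.
    """
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    while True:
        chunk = fileobj.read(chunk_size)
        if not chunk:
            break
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data: bytes, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Convenience wrapper for in-memory data (used by the tests)."""
    return digest_stream(io.BytesIO(data), chunk_size)


def digest_file(path: str) -> Dict[str, str]:
    with open(path, "rb") as f:
        return digest_stream(f)


def compare(actual: Dict[str, str], expected: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm match flags. Hex case is normalised because reports and
    threat feeds disagree on it, and a missing algorithm counts as a mismatch."""
    return {name: actual.get(name, "").lower() == value.lower()
            for name, value in expected.items()}


def verify_file(path: str, expected: Dict[str, str] = REPORTED) -> bool:
    """True only when every reported digest matches the local file."""
    return all(compare(digest_file(path), expected).values())


if __name__ == "__main__":
    import sys
    # Default filename is the target name from the report; pass another path as argv[1].
    path = sys.argv[1] if len(sys.argv) > 1 else "99acb2fe9bb5edfd4c6fe26a21deb78e.bin"
    results = compare(digest_file(path), REPORTED)
    for name, ok in results.items():
        print(f"{name:6} {'match' if ok else 'MISMATCH'}")
    sys.exit(0 if all(results.values()) else 1)
```

A single mismatching algorithm is enough to reject the file: if only MD5 matches, you are looking at a collision or a transcription error, not the analysed sample.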

Targets

    Score
    7/10
    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Queries a legitimate public IP lookup service to learn the infected system's external IP address. On its own this is weak evidence, since benign software uses the same services.
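
The behaviours above are sandbox signatures: each fires when the recorded file, library or network activity matches a pattern. As an added example (not Triage's rule set or code), the Python below implements a small matcher for the six signatures on this page and runs it over a constructed, Triage-style event trace. The paths, hosts and watch-lists are generic assumptions for illustration, not artefacts observed from this sample; in particular the "Loads dropped DLL" rule shows why order matters, since it only fires for a DLL the sample itself wrote earlier in the trace.

```python
import re
from typing import Dict, Iterable, List

# Constructed sandbox event trace (hypothetical; not taken from the report).
SAMPLE_EVENTS = [
    {"op": "file_write",   "path": r"C:\Users\user\AppData\Local\Temp\helper.dll"},
    {"op": "load_library", "path": r"C:\Users\user\AppData\Local\Temp\helper.dll"},
    {"op": "load_library", "path": r"C:\Windows\System32\kernel32.dll"},
    {"op": "file_write",   "path": r"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\upd.lnk"},
    {"op": "file_read",    "path": r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"op": "file_read",    "path": r"C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\abcd1234.default-release\logins.json"},
    {"op": "file_read",    "path": r"C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
    {"op": "http", "host": "api.ipify.org", "url": "https://api.ipify.org/?format=json"},
    {"op": "http", "host": "discord.com",   "url": "https://discord.com/api/webhooks/0000/example"},
]

# Generic watch-lists (assumptions for this example, not observed indicators).
STARTUP_RE = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.I)
BROWSER_DATA_RE = re.compile(
    r"\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)\\User Data\\.*"
    r"\\(Login Data|Cookies|Web Data|Local State)$"
    r"|\\Mozilla\\Firefox\\Profiles\\[^\\]+\\(logins\.json|key4\.db|cookies\.sqlite)$",
    re.I,
)
WALLET_RE = re.compile(
    r"\\(Exodus|Electrum|Ethereum\\keystore|atomic|Armory|Bitcoin)\\|wallet\.dat$", re.I
)
IP_LOOKUP_HOSTS = {"api.ipify.org", "ipinfo.io", "icanhazip.com", "ifconfig.me",
                   "ip-api.com", "checkip.amazonaws.com"}
ABUSED_HOSTING_HOSTS = {"discord.com", "cdn.discordapp.com", "api.telegram.org",
                        "pastebin.com", "transfer.sh"}


def match_signatures(events: Iterable[dict]) -> Dict[str, List[str]]:
    """Return {signature_name: [evidence, ...]} for every signature that fires.

    All rules but one are stateless pattern matches on a single event.
    "Loads dropped DLL" correlates a load_library event with the set of files
    the sample wrote earlier, so events must be supplied in trace order.
    """
    hits: Dict[str, List[str]] = {}
    dropped: set = set()

    def fire(name: str, evidence: str) -> None:
        hits.setdefault(name, []).append(evidence)

    for ev in events:
        op = ev.get("op")
        path = ev.get("path", "")
        if op == "file_write":
            dropped.add(path.lower())          # remember what the sample dropped
            if STARTUP_RE.search(path):
                fire("Drops startup file", path)
        elif op == "load_library":
            if path.lower() in dropped:        # only DLLs the sample itself wrote
                fire("Loads dropped DLL", path)
        elif op == "file_read":
            if BROWSER_DATA_RE.search(path):
                fire("Reads user/profile data of web browsers", path)
            if WALLET_RE.search(path):
                fire("Accesses cryptocurrency files/wallets, possible credential harvesting", path)
        elif op == "http":
            host = ev.get("host", "").lower()
            if host in IP_LOOKUP_HOSTS:
                fire("Looks up external IP address via web service", ev.get("url", host))
            if host in ABUSED_HOSTING_HOSTS:
                fire("Legitimate hosting services abused for malware hosting/C2", ev.get("url", host))
    return hits


if __name__ == "__main__":
    for name, evidence in match_signatures(SAMPLE_EVENTS).items():
        print(name)
        for item in evidence:
            print("   ", item)
```

Two of these rules ("Looks up external IP address via web service" and "Legitimate hosting services abused for malware hosting/C2") match activity that legitimate software also produces, which is why a report weights them alongside the stealer-specific file reads rather than scoring them in isolation.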
