Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7

0a9ffa57d6...0d.dll

windows7-x64

8

0a9ffa57d6...0d.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0a9ffa57d65083c92e0d3d69b00f2f0d

  • Size

    26KB

  • Sample

    231230-b8dk2adgap

  • MD5

    0a9ffa57d65083c92e0d3d69b00f2f0d

  • SHA1

    ec88c8cf7b666e63cd800d869e56510e099b2943

  • SHA256

    9bfaf2f0b53f87d1452d4c2aa75027ffb8e66aee1462c3d9eb7a6e55bcac55c8

  • SHA512

    fa10ece8826badbbe1f572bfd9f4202b36dc499bca58a9d2e17ceb931b237f69867618fb2e7da732c5598cf24ad31008ebbf459380abbf071b849178eb193ae2

  • SSDEEP

    768:ReyHi8DRyr9dQDG2/q2ts9m7LTi7mHnfCNZZ2C6/ix49:YwR1APQTq269mji7mH+4ix49

Score
8/10
persistencespywarestealer

Malware Config

Targets

    • Target

      0a9ffa57d65083c92e0d3d69b00f2f0d

    • Size

      26KB

    • MD5

      0a9ffa57d65083c92e0d3d69b00f2f0d

    • SHA1

      ec88c8cf7b666e63cd800d869e56510e099b2943

    • SHA256

      9bfaf2f0b53f87d1452d4c2aa75027ffb8e66aee1462c3d9eb7a6e55bcac55c8

    • SHA512

      fa10ece8826badbbe1f572bfd9f4202b36dc499bca58a9d2e17ceb931b237f69867618fb2e7da732c5598cf24ad31008ebbf459380abbf071b849178eb193ae2

    • SSDEEP

      768:ReyHi8DRyr9dQDG2/q2ts9m7LTi7mHnfCNZZ2C6/ix49:YwR1APQTq269mji7mH+4ix49

    Score
    8/10
    persistencespywarestealer

    • Blocklisted process makes network request

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks