Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    Injector.exe

  • Size

    18.4MB

  • Sample

    240102-stqeqagfbj

  • MD5

    483c43f21a3784dd6beaf089d12b2d5d

  • SHA1

    664a08d4ca379aae3fa45b26cf026b8fea1d7604

  • SHA256

    eb3c725200d161ae887674553c196f363c58984dd249bd788ddb80d9fdd6bccd

  • SHA512

    8e2fd48e4d47f35974f63a64bb73529ce6927d458eea5251fb6e3e8cae598832a5592d2efea2b43d644b9d6725d6018c8f9546c6d43b2ba4c758fc670d9d3027

  • SSDEEP

    393216:mqPnLFXlrLQpDOETgs77fGaDgwevE+HXyLSq:LPLFXNLQoE7zBX0gj

Malware Config

Targets

    • Target

      Injector.exe

    • Size

      18.4MB

    • MD5

      483c43f21a3784dd6beaf089d12b2d5d

    • SHA1

      664a08d4ca379aae3fa45b26cf026b8fea1d7604

    • SHA256

      eb3c725200d161ae887674553c196f363c58984dd249bd788ddb80d9fdd6bccd

    • SHA512

      8e2fd48e4d47f35974f63a64bb73529ce6927d458eea5251fb6e3e8cae598832a5592d2efea2b43d644b9d6725d6018c8f9546c6d43b2ba4c758fc670d9d3027

    • SSDEEP

      393216:mqPnLFXlrLQpDOETgs77fGaDgwevE+HXyLSq:LPLFXNLQoE7zBX0gj

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks