General

  • Target

    41fac0ed95daf15301bb58ac2be439f1.bin

  • Size

    1.0MB

  • Sample

    240106-cmdjksegak

  • MD5

    41fac0ed95daf15301bb58ac2be439f1

  • SHA1

    f9b4a3edd8a27b637e9230ec14359eb085e8bf1d

  • SHA256

    107fe599373eb273b4bb7a4b7a1bcdd28119aafa4f20ad84023c8d5d59f15618

  • SHA512

    1e2408033da24ff879f6e1ed43b85024261b5a76b0ce96d4d8c683d108434b094183cf57d5078a5dd4def8d1b12d1624f0428eb9a51d7371f18786659e4a4316

  • SSDEEP

    24576:PLiveU1AQ9OP2iJN9DKvzGRHWUOrvVdi+9zIlNTWs:PLNp9PN5mGRH0dL67

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks