General

  • Target

    2024-01-09_636abf451dde624870290c8819eef6b7_floxif_icedid

  • Size

    6.4MB

  • Sample

    240110-gmetvsfhhn

  • MD5

    636abf451dde624870290c8819eef6b7

  • SHA1

    69bc78567261b3a12831eed1f816f75d94af802b

  • SHA256

    1bc1009dfe6498825839b6f6c4df3b34db52d258c1db339785f744320a99ab8d

  • SHA512

    eba257bbd1c86b4f0d5b4fd7164570050d586ac9b64aefd2f07f63f7140d4f61b9441ab4aaf53ef5d71214620b5bba9507f81665e5f5e1e517c70277516e146f

  • SSDEEP

    98304:7acgWC6MbNe3txzH4ZNpLXD33EBqMUBB2Z6YfCuB0iSwgqdN5GAj:KlpIxzH2NpToBGT46YfCuB0bwfN5GAj

Malware Config

Targets

    • Target

      2024-01-09_636abf451dde624870290c8819eef6b7_floxif_icedid

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks