General

  • Target

    32d252534c542367c9142722d7846e30.exe

  • Size

    1.9MB

  • Sample

    240110-w2dmnsdhe2

  • MD5

    32d252534c542367c9142722d7846e30

  • SHA1

    3f12815829d49c4a3c58a4c81d1b29a6bbe0559f

  • SHA256

    af76eca8fb87654239cf27832deaf940bdc25aba67aab489272909d3f92950f4

  • SHA512

    0f42263bce1904972225799c0ecb121dade8b93b170960e95bd11602cf5d21dfd2989c9d2f898f940e5803417c8ace5992a295c6a946be0a1edda1a2a903b15d

  • SSDEEP

    49152:DNVHofUQUKnHVotxmM6/d7KwoZgJDtaGmeSdjkrfR:DNVHTKHWt8JoZgJDt3Aq

Targets

    • Target

      32d252534c542367c9142722d7846e30.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
