Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Resubmissions

13/01/2024, 21:43

240113-1ky99sfff4 10

09/01/2024, 23:22

240109-3cxgtaacbp 10

General

  • Target

    winPEASx64.exe

  • Size

    2.3MB

  • Sample

    240113-1ky99sfff4

  • MD5

    7defdd1c67017a91e79405eac2d1ccfa

  • SHA1

    fc9af9a4994203c4edb8a63a2a4583cb1bf925d8

  • SHA256

    c8cbded62a574f562801ab063cae6550caad82bd1e36556dfb2b1f9b594ec642

  • SHA512

    bdb85c3b23fe46d3664b0286da52f6afdea200014f9883d898e60b503476e6eebda1d39ec185d320813ac41d7555cde1c1c946fa04e235fcbad51823b0c8d987

  • SSDEEP

    24576:0cjmcTjtzOkZ/YAhL8vx/KPqti36hBKNKkThXHf5gULzs:zmcFHtY4L8vk+xQ4kBHf5gi

Malware Config

Targets

    • Target

      winPEASx64.exe

    • Size

      2.3MB

    • MD5

      7defdd1c67017a91e79405eac2d1ccfa

    • SHA1

      fc9af9a4994203c4edb8a63a2a4583cb1bf925d8

    • SHA256

      c8cbded62a574f562801ab063cae6550caad82bd1e36556dfb2b1f9b594ec642

    • SHA512

      bdb85c3b23fe46d3664b0286da52f6afdea200014f9883d898e60b503476e6eebda1d39ec185d320813ac41d7555cde1c1c946fa04e235fcbad51823b0c8d987

    • SSDEEP

      24576:0cjmcTjtzOkZ/YAhL8vx/KPqti36hBKNKkThXHf5gULzs:zmcFHtY4L8vk+xQ4kBHf5gi

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks