General

  • Target

    59b5d522f7984b06107ec79805b727e8

  • Size

    3.4MB

  • Sample

    240113-3ntkashbc3

  • MD5

    59b5d522f7984b06107ec79805b727e8

  • SHA1

    4ab71f90d3aea09297d8686d8e02e12bfc566ee0

  • SHA256

    1622cc5cee3c0ce49f88d8db78c1d6af35a62083ab50573448bcc4ff175c891c

  • SHA512

    3a7c09226e32192c8e1f9003ce05e9c047c21f460edcf53130f9147efe09a110ec3351b9399935842382548543a9702d6e536dd8567a4cc175b5bb4fe19adee7

  • SSDEEP

    98304:IRS6nfSOQZOt+CW+7EELhF3gxpNOf2k2Y/PL:Ikj8NBFwxpNOuk2y

Targets

    • Stops running service(s)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
