General

  • Target

    5a43bf16573ed704bae6f47eb5281892

  • Size

    823KB

  • Sample

    240114-eyd1ladac5

  • MD5

    5a43bf16573ed704bae6f47eb5281892

  • SHA1

    2590c1e0d94c1b6104473fa8891a59bdc8cdf6fa

  • SHA256

    29d3c94a7a90b73ae8c3ee5776a176dae164392eb92627383fb177570b2e3498

  • SHA512

    0b0f5f42166babc4c3153ececa44b74110f53c558d5b7faa6684876b5dc3e07a04741bd9feaa6e22fabf83c65b870d0f86f83197d0106c79814f49a2f0426e14

  • SSDEEP

    24576:8b80K3OuFD/cGfPy3tZHApPkCVfqqbWnAwT8OXcxb:8h3uhU7XAdk0qqbWAfOU

Malware Config

Extracted

Credentials

  • Protocol:
    smtp
  • Host:
    smtp.gmail.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    rienafaire99

Targets

    • UAC bypass

    • Disables Task Manager via registry modification

    • Drops startup file

    • Adds Run key to start application

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks