General

  • Target

    2FastBetVN.exe

  • Size

    151KB

  • Sample

    240119-r8fy6agfg3

  • MD5

    3fbc8e17cb9da2415668bcc9c22f88b0

  • SHA1

    66879710e62797c06013c7ca924432e3295975e7

  • SHA256

    fdb18d128decf596a3670a3407e9afb6c0320daa40f5e2ebc9bacb94b0d755b6

  • SHA512

    0e27c3671709bac901cd669de232580b9a91fc9c6f68b837fbd2ceb5c2f8901c6fd3785255669563ed457ca2000975bc6b461d12939ab7e21d3de700720ec97c

  • SSDEEP

    3072:xyqBXv8zjxf5GWp1icKAArDZz4N9GhbkrNEk1uN:vu7p0yN90QED

Malware Config

Targets

    • Target

      2FastBetVN.exe

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    • Modifies termsrv.dll

      Commonly used to allow simultaneous RDP sessions.

MITRE ATT&CK Enterprise v15

Tasks