General

  • Target: StudioApp.exe
  • Size: 14.6MB
  • Sample: 240202-gftpfaheal
  • MD5: ea6ab30812126ed8f703ecabe9f89f00
  • SHA1: 6ca5fc27c598eef84065518e7a649dfe9c1c76a2
  • SHA256: 22442d487765e55be893d7b769b48bdcc193d537aada4435954d6cbdb0563d86
  • SHA512: 117b72096463a6a15ff654a36de4f9024cf494a466b4c0fc3ea867f9614c13c98913efcecc2fe690acd6fe006b5517b787570fa3214c7d3313b8a468876a07de
  • SSDEEP: 393216:9kiIE7YoPQJidQuslSq99oWOv+9fg5SE70AQw:997rPQwdQuSDorvSY5S5At

Malware Config

Targets

    • Target: StudioApp.exe (hashes as listed under General above)


    Score: 7/10

    • Drops startup file
    • Loads dropped DLL
    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile contents.
    • Accesses cryptocurrency files/wallets, possible credential harvesting
    • Looks up external IP address via web service
      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target: Creal.pyc
    • Size: 178KB
    • MD5: 4b3fdf3600c95945369a4b8cf2d96483
    • SHA1: 7a2dbc74bcf1dfa56607d2d5164eeda59273f998
    • SHA256: 1b9391cd6ec4a8b0fac07f70e977dadc067b6e0b998d08161c20d062be21a844
    • SHA512: d46bcb5b1811dff77c7e440c7961ba277d7aa0d0aa071a3f8c0bb84085ddf3f780c04e0c92dde3324bf5d9c63276761c6153346cc5380ddb5df99d1f12da8caf
    • SSDEEP: 1536:uu6Drbe3uzTZMB7aK1vUt0pXd8Cqq+bL3BcwZgB7b+RMjlk1V6mk5ziOQzqh1guY:56Dfe3uz0BZtt8v1hgB76RMjWgl5W2rY

    Score: 3/10

MITRE ATT&CK Enterprise v15

Tasks