Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    FivemAE.exe

  • Size

    16.5MB

  • Sample

    240203-2g5hjsdhfr

  • MD5

    d00c2f0b3ffce86e496b8d9be28a41c1

  • SHA1

    4a56414bee960e79203cc437fea4a59c51da7d19

  • SHA256

    14c0e92d72fb2a6afcba06f88bca846d13e78e418661a4203045f52d497a2578

  • SHA512

    9b3024bff2793175640e9c175c10ace4d8d9b0d85d6e15e0d39aabbb16675bdd1f4de21e39ed9eb14bc3b714ece27b147294ce3693319edd0760e98a4ecc4b4c

  • SSDEEP

    393216:fh9S2nnx8qGCPaL+9qzTSCk+7q301JE1bbKXiWCUI:Z9Dnx3M+9q/4301gHFVUI

Malware Config

Targets

    • Target

      FivemAE.exe

    • Size

      16.5MB

    • MD5

      d00c2f0b3ffce86e496b8d9be28a41c1

    • SHA1

      4a56414bee960e79203cc437fea4a59c51da7d19

    • SHA256

      14c0e92d72fb2a6afcba06f88bca846d13e78e418661a4203045f52d497a2578

    • SHA512

      9b3024bff2793175640e9c175c10ace4d8d9b0d85d6e15e0d39aabbb16675bdd1f4de21e39ed9eb14bc3b714ece27b147294ce3693319edd0760e98a4ecc4b4c

    • SSDEEP

      393216:fh9S2nnx8qGCPaL+9qzTSCk+7q301JE1bbKXiWCUI:Z9Dnx3M+9q/4301gHFVUI

    Score
    7/10
    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks