General

  • Target

    04575cd4a4ef5347718ceea706854ba33c867378b865a9d9c7fff16b666d4307.exe

  • Size

    459KB

  • Sample

    240212-cre8zaga21

  • MD5

    17e4647572d5755c4f07f2ceecdaf11a

  • SHA1

    7a6e22249325b9c3bbc11c30b172997ce79a01b2

  • SHA256

    04575cd4a4ef5347718ceea706854ba33c867378b865a9d9c7fff16b666d4307

  • SHA512

    791367c7e9bd739a63af148f41a55d91a2a15c34dc72abc2bad5baafcd585048a798d5ba0089468dd723a3dea5fdc914ffc9a55e68037c43015fbaa6c86c57e3

  • SSDEEP

    12288:ISsxGETPB372BslW/RQc17THyvAmgelYa:ISsgEjB37EsWRQc17eAelf

Targets

    • Target

      04575cd4a4ef5347718ceea706854ba33c867378b865a9d9c7fff16b666d4307.exe

    • Detects executables packed with unregistered version of .NET Reactor

    • .NET Reactor protector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
