General

  • Target

    NightmareX.exe

  • Size

    17.0MB

  • Sample

    240214-nqpa2ahb7z

  • MD5

    ab93e3e0039732fcc4b0a55a49bb3d56

  • SHA1

    a27f39f8e7055fc958fd5cc6c6aa633906574326

  • SHA256

    711250d86c4623d612735a26b2bdace3266a0570cfd63417c2ecf029714fed40

  • SHA512

    49afcdfb90ffa8023e6ff6de48140a4602dc4a80b272a98c7dffa08b406e027e9ef060a19ff34b5b05eaaae7443b78962161fb8610049c11d3d58c3bca54dcdd

  • SSDEEP

    98304:QH7oxLH9NH1oryvcIEvjPGw8qPLxPnI6sklXxEpHIbxckJY17DUC0td7wN:QH7WLdIrqc1viwzLxvdfRJqDUCEG

Score
7/10

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
