General

  • Target

    Malwarebytes.Premium-3.8.3.2965.exe

  • Size

    62.8MB

  • Sample

    240223-jvvw6aeb78

  • MD5

    d3c545e7304eb768d0a63a2e85d09e09

  • SHA1

    5cd0f4753075a0523f23309d1e638d6bac384044

  • SHA256

    934fac70a451afcce0b5d083c6d4de689b46717e1d4b4425d75179e09ac73992

  • SHA512

    c1f63bf2f5af3c0c6a29769df604cd01bd442607a62e0953d5dfffb5810c6885728c3f2dc5f284355cfff29789524ffca0f0b623add753b5be0ef8b9d472c61b

  • SSDEEP

    1572864:73dmJkylTRJ8apG9uYb//XmBvvfdLlmGBoQUzYHjwHr/vGDA1V:TUJkETRJ8aI5/+Bv3dLlQdzY8jeDA1V

Targets

    • Drops file in Drivers directory

    • Sets service image path in registry

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandbox environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Registers COM server for autorun

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
