Resubmissions

27/02/2024, 21:02

240227-zvlw9abe32 8

27/02/2024, 21:01

240227-zt7sbsbf3s 1

General

  • Target

    release_v4.rar

  • Size

    15.5MB

  • Sample

    240227-zvlw9abe32

  • MD5

    fd1bf04083511e2f9039adb11f6f0fa2

  • SHA1

    dc22c2de27239653e90c3c37c59b6c3a2177d10c

  • SHA256

    ed3cdc71e21e5f846284826f81d9d9abe02d61a8038b80350ea3b7dc843a9b3d

  • SHA512

    5192f2ace2383716f84f80eca6bf21d3f0c08db5ddf517adf3a7de33cf415a3a7c80b3aa30201538c0769aab85c4dee6943393eca2eb614d2e21db724ea3ff69

  • SSDEEP

    393216:/zYZDaxJ95F9ejuNQwWNPN1tWLsIjx5Z50vWTWSGJ:/zOa3pcjuGXZMLd3L0v9SGJ

Score
8/10

Malware Config

Targets

    • Target

      release_v4.rar

    • Size

      15.5MB

    Score
    8/10
    • Downloads MZ/PE file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory
