General

  • Target

    bc506cf6d29c348a922143ae80d78e61

  • Size

    6.6MB

  • Sample

    240309-vcp4qsdc3v

  • MD5

    bc506cf6d29c348a922143ae80d78e61

  • SHA1

    30510a3e423e60f580cec38e9f931edd45df39b1

  • SHA256

    c34cf3baad24777ecfcdf229cf1a375215eb46ce84cf3bc64a35509f077be43d

  • SHA512

    7092eeec0f05b07c1626ce04ad9acce62ff0c5cf28fe2ea3b3b3a52937bac99c52191503546562d8559283f3b3ce49dc40c1823f0f62515f64883bb15fc5c8ef

  • SSDEEP

    196608:JOhPmCsXDjDyf6L2WliXYrHW1Lo+k+KsR67:KPmCEDVL2ciIrHWRo+f9c

Targets

    Score
    7/10
    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
