General

  • Target

    Neverlose.exe

  • Size

    9.3MB

  • Sample

    240311-tglfnseh8x

  • MD5

    9726e7377e9543885a2c4754381822bb

  • SHA1

    0fd62ed358743ed8b3b94c35cbc72443f4d5c0ff

  • SHA256

    66c2261a63363e5f2fea7d1232f86b9861eda79f187d31a2d19663e874ce4c9a

  • SHA512

    848a004a172bd0d2280bfb0544552638060c8058a70f0ad55bae12e0836a0985ea0f886ef2923e4fc538fb40b00dd19d9832c7cc37c5c5a9f00e98a047992a5d

  • SSDEEP

    196608:stDE8bCA1HeT39Iigw7vKub75bcjWgb66e7GGSEezfqAkjUWlRH2W:p8n1+TtIiF7vB5IjWq66eclzw92W

Targets

    • Target

      Neverlose.exe

    Score
    7/10
    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      NeverLose.pyc

    • Size

      174KB

    • MD5

      bd1f23aeb1a7010f7df8ec97a7cf320d

    • SHA1

      9c65376c9af2438c145ebe7242de93515cb1aaf7

    • SHA256

      24205ef534e6c5d955c8b72c3e2e12e02a333947c000cb98e9aee05b858008d0

    • SHA512

      a9a2f09dc3f2dbc014355065bd9a5166b11b6763d26d0f19b376282a51eb4c8f5b48ded488ce780152d08e9fd208e9870b990778c5ceee1d50aaceb366580141

    • SSDEEP

      1536:R8sG5CVMtbfxAjNzCd29+6eGIWVBGWwiNZjkinOx2boGx/jOYh9vPiB9FBgxjhad:RwxH2peGICGWrOsoGx/j5HHm/XlTmlmf

    Score
    3/10
