General

  • Target

    NTClientLoginV2.exe

  • Size

    19.6MB

  • Sample

    240316-beftashf57

  • MD5

    2f639e60f45e291ea337f51767628568

  • SHA1

    c69f8a8436e71765c30ddd9a7be1b14768edc659

  • SHA256

    a5c3291fae5d8003d9c0b093bf97bb3de079c75d4ffc5e9a8839e44074bf3d6b

  • SHA512

    d600f6f9cc57bf14d17ebcc880d7ac85de9071831779c8c96ec56db677d553dde2cec31b5d7f2327780d01bad89b0d0083f5244a54bf424784d3bf553c98c27d

  • SSDEEP

    393216:no9Du63QD08kE7hAT0L+9qz8YSJH+1JYJGcH6dpdwqYV1:o97Qx+0+9q4YSJH+1+QcmAqc

Targets

    • Target

      NTClientLoginV2.exe

    Score: 7/10

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2
