General

  • Target

    tmp

  • Size

    1.4MB

  • Sample

    240329-w2zj5seg6z

  • MD5

    f1152d572e1722ea2568eff98efc161f

  • SHA1

    5c61a7c330a12a5cd8c649b8335ddae1d63d3d26

  • SHA256

    922c43a5ccbb2622ec917426a98da9289e5481ad29d5996003e8a46e6791573b

  • SHA512

    1f9b02f2038597aeab96eab6ec829c1f2322bfcbb5f07f854e78b14ece4427a915a35575fbed8c86982eb2b2e36507c6e950624d58e5cc50373944829c15d926

  • SSDEEP

    24576:CYhXUX0DKyOBqg7Fx+mDSLdBJ4qyzTaPkrK/ApWmNKmGztJ0uiX19HX7Bcaxw+LP:/hHDKnl2mDo32l63/zm5Gz3F6RrB9x

Score
10/10

Targets

    • Target

      tmp

    • Size

      1.4MB

    Score
    10/10
    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    • Target

      $TEMP/Simultaneously

    • Size

      268KB

    • MD5

      fc88a8c580509ed23108dd3e0d06f451

    • SHA1

      acec8710b5fcf62d72bedc84303284332fe24ccc

    • SHA256

      6f1c91ab06cf98ef40cf4424558d78fd8db93a759296b18ada5f1f6eedd81ed6

    • SHA512

      404a04e45ab94b5b468dea0aabd032838da6c19bd8e69dcfb43aba51afeca7ec1b2333178d3553e594f7ed875a4b07e1078b1e51e94dc587061e1bddf46f2553

    • SSDEEP

      6144:1K5vPeDkjGgQaE/loUDtf0accB3gBmmLsiS+SAhClbt:uvG4waEqOfFfB3gBTQ+SAibt

    Score
    1/10
