
Resubmissions

  • 09/04/2024, 22:11: sample 240409-131wtaea38, score 8/10
  • 09/04/2024, 21:43: sample 240409-1k5r2scg65, score 7/10
  • 09/04/2024, 21:18: sample 240409-z5mxasbe59, score 7/10
  • 06/04/2024, 10:55: sample 240406-mz7nashc59, score 8/10
  • 06/04/2024, 10:41: sample 240406-mrjaqsgd6z, score 7/10

General

  • Target: GalaxiaViva.exe
  • Size: 69.8MB
  • Sample: 240409-131wtaea38
  • MD5: 62bda6829e7b08bd8f3c5b4057fa238f
  • SHA1: b3cadccbe3199cf72c8dd110b463137eed013e09
  • SHA256: 18ce929380ab15f9e9d23d156ff3cff56b94e33641a40379f57e7adc91130c3f
  • SHA512: 1966c014c929f8feff29f00aff837769b232890ad572b46d8056ea7b18de9b970ea8cdce0014fc2d040fc62476c1ffce222ad6b9209dfaec0bf535546de25147
  • SSDEEP: 1572864:f85PaKHmqV6kLdNjObU5LwsagSbZFgagYjhSuyDV09arU7:uPaq1VddNaAwsa3bjhHyh09aA7

Score 8/10

Malware Config

Targets

  • Target: GalaxiaViva.exe
  • Size: 69.8MB
  • MD5: 62bda6829e7b08bd8f3c5b4057fa238f
  • SHA1: b3cadccbe3199cf72c8dd110b463137eed013e09
  • SHA256: 18ce929380ab15f9e9d23d156ff3cff56b94e33641a40379f57e7adc91130c3f
  • SHA512: 1966c014c929f8feff29f00aff837769b232890ad572b46d8056ea7b18de9b970ea8cdce0014fc2d040fc62476c1ffce222ad6b9209dfaec0bf535546de25147
  • SSDEEP: 1572864:f85PaKHmqV6kLdNjObU5LwsagSbZFgagYjhSuyDV09arU7:uPaq1VddNaAwsa3bjhHyh09aA7

  Score 8/10

  • Downloads MZ/PE file
  • Executes dropped EXE
  • Loads dropped DLL
  • Reads user/profile data of web browsers
    Infostealers often target stored browser data, which can include saved credentials, cookies and autofill data.
  • Legitimate hosting services abused for malware hosting/C2

  • Target: Installer.exe
  • Size: 147.0MB
  • MD5: 2fcb65fc8b2bc9505da8dd94033cc7ad
  • SHA1: ff12916a1d57eb26d9e5856d91c450b155a35f65
  • SHA256: 708543f3ca34ffe8e4d33c09560d4e190fe35bd2aa7a57369291174d537ffc32
  • SHA512: 4927ede0dead3f947513add783a150245185ae1872b0f59d8159448423b33e636956e69b8278c37f62dd9a6a4ca59247f83beea4d59d1a6832ce5ce4533ed585
  • SSDEEP: 1572864:EgGRqQdeZ4K5M0PmL0g6dKXPRYGO1QwOVnMKVbmd6LpL28nHQ5OneFBlwb:OV6msmCUhN4lS

  Score 7/10

  • Loads dropped DLL
  • Reads user/profile data of web browsers
    Infostealers often target stored browser data, which can include saved credentials, cookies and autofill data.
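The signatures listed for both targets (PE download, dropped-EXE execution, dropped-DLL load, browser-profile reads, abuse of a legitimate hosting service) are behavioural rules evaluated over the sandbox's event stream. The following is an added example, not tria.ge code, showing how such rules can be expressed over a constructed event log; the event schema, the browser-profile file list, the hosting-domain list and the sample events are all assumptions made for illustration and are not taken from the real task.

```python
"""Toy re-implementation of the behavioural signatures shown on this report, evaluated
over a constructed event stream. Added example; not tria.ge code. The Event schema,
browser file list, hosting-domain list and sample events are assumptions."""
from dataclasses import dataclass
from urllib.parse import urlparse

# Browser profile locations an infostealer reads (assumed subset: Chrome/Edge/Firefox on Windows).
BROWSER_DIRS = ("\\google\\chrome\\user data\\",
                "\\microsoft\\edge\\user data\\",
                "\\mozilla\\firefox\\profiles\\")
BROWSER_FILES = {"login data", "cookies", "web data", "local state",
                 "logins.json", "key4.db", "cookies.sqlite"}
# Hosting services frequently abused for payload staging (illustrative list, an assumption).
ABUSED_HOSTS = ("cdn.discordapp.com", "raw.githubusercontent.com", "pastebin.com")


@dataclass
class Event:
    """One sandbox event (constructed schema). kind is one of:
    http_response, file_write, process_create, image_load, file_read."""
    kind: str
    pid: int
    path: str = ""
    url: str = ""
    data: bytes = b""


def is_mz_pe(data: bytes) -> bool:
    """True if data starts with a DOS 'MZ' stub whose e_lfanew (offset 0x3C) points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = int.from_bytes(data[0x3C:0x40], "little")
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def touches_browser_data(path: str) -> bool:
    """Match only well-known credential/cookie stores inside a browser profile directory."""
    p = path.lower()
    return any(d in p for d in BROWSER_DIRS) and p.rsplit("\\", 1)[-1] in BROWSER_FILES


def evaluate(events):
    """Return the set of signature names that fire for the given event stream."""
    dropped = set()   # lower-cased paths of PE files written during the run
    hits = set()
    for ev in events:
        p = ev.path.lower()
        if ev.kind == "http_response":
            if is_mz_pe(ev.data):
                hits.add("Downloads MZ/PE file")
            if urlparse(ev.url).hostname in ABUSED_HOSTS:
                hits.add("Legitimate hosting services abused for malware hosting/C2")
        elif ev.kind == "file_write" and is_mz_pe(ev.data):
            dropped.add(p)
        elif ev.kind == "process_create" and p in dropped:
            hits.add("Executes dropped EXE")
        elif ev.kind == "image_load" and p in dropped and p.endswith(".dll"):
            hits.add("Loads dropped DLL")
        elif ev.kind == "file_read" and touches_browser_data(ev.path):
            hits.add("Reads user/profile data of web browsers")
    return hits


def fake_pe() -> bytes:
    """Constructed minimal buffer that satisfies is_mz_pe: MZ stub, e_lfanew = 0x40, then 'PE\\0\\0'."""
    stub = bytearray(b"MZ" + b"\x00" * 0x3E)
    stub[0x3C:0x40] = (0x40).to_bytes(4, "little")
    return bytes(stub) + b"PE\x00\x00" + b"\x00" * 20


TEMP = r"C:\Users\victim\AppData\Local\Temp"
# Constructed event stream mimicking the first target's behaviour; not data from the real task.
SAMPLE_EVENTS = [
    Event("http_response", 1000, url="https://cdn.discordapp.com/attachments/1/2/update.bin", data=fake_pe()),
    Event("file_write", 1000, path=TEMP + r"\update.exe", data=fake_pe()),
    Event("file_write", 1000, path=TEMP + r"\helper.dll", data=fake_pe()),
    Event("file_write", 1000, path=TEMP + r"\config.json", data=b'{"k": 1}'),   # not a PE: ignored
    Event("process_create", 1000, path=TEMP + r"\update.exe"),
    Event("image_load", 2000, path=TEMP + r"\helper.dll"),
    Event("file_read", 2000, path=r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    Event("file_read", 2000, path=r"C:\Users\victim\Documents\notes.txt"),   # benign read, must not fire
]

if __name__ == "__main__":
    for name in sorted(evaluate(SAMPLE_EVENTS)):
        print(name)
```

The point of the rules is context: "Executes dropped EXE" and "Loads dropped DLL" only fire for files the sample itself wrote during the run, and the browser-data rule keys on specific credential and cookie stores rather than any read under the profile directory, which is what keeps an ordinary installer that touches a browser cache from scoring like an infostealer.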

MITRE ATT&CK Enterprise v15

Tasks