General

  • Target

    416ecc3e7a04e5539213a1fabe676b9b

  • Size

    2.0MB

  • Sample

    240409-189e5sed62

  • MD5

    416ecc3e7a04e5539213a1fabe676b9b

  • SHA1

    d5db9c24f32f72b243ba297cf999573d659ecfdb

  • SHA256

    744df2bf8cdd01a0aabdce41163d1afaa7fc8a6d24a251cb827ac5c4a04e1f8c

  • SHA512

    468a3096b5aa1b6aeb904c3a62096ea5f4c739b7e25be9c58a29fa089632b2b0344a1ac4ef580da00940e1009ec721dc66cc16bc3cea743d94b716c2e49f7ca0

  • SSDEEP

    24576:t2gC7mNdosj6Aqb1eaOXTA/FNyA/kSnM5Nh2XABwE9t72ggdiG2fcwnjYNJi4B5C:QgC7mNgSXT2yHAkhnpt72cxdJ4BiBnT

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
