Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

4edcd0bccd...67.exe

windows7-x64

7

4edcd0bccd...67.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4edcd0bccdf36311e56f7a0abfc58a67

  • Size

    407KB

  • Sample

    240409-2gxgyaae4z

  • MD5

    4edcd0bccdf36311e56f7a0abfc58a67

  • SHA1

    5571ec2b92ae49c0a248469400abf93c11bc73f3

  • SHA256

    dfcda277f7ec2e90d242da4e39d680c278cb822fa718b0a31a358d66f7b7a09f

  • SHA512

    6c4ddb2f0f4d0ea0a537f226ad0c2c26a621bc8bd0525351a055aa6c847dccc5983a622404bd7b8d29042b9554c77948242b1ffad588773e17b4a21cbb64cd85

  • SSDEEP

    6144:aDOxZXrSHXUTsiJcsSM0lo3uXfVBz2pGhTSPVLB4BKrim0T8+nzA9PCezWpg3m:lXa8si5SdV8cWtLW4rGQ+zA9qqjW

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      4edcd0bccdf36311e56f7a0abfc58a67

    • Size

      407KB

    • MD5

      4edcd0bccdf36311e56f7a0abfc58a67

    • SHA1

      5571ec2b92ae49c0a248469400abf93c11bc73f3

    • SHA256

      dfcda277f7ec2e90d242da4e39d680c278cb822fa718b0a31a358d66f7b7a09f

    • SHA512

      6c4ddb2f0f4d0ea0a537f226ad0c2c26a621bc8bd0525351a055aa6c847dccc5983a622404bd7b8d29042b9554c77948242b1ffad588773e17b4a21cbb64cd85

    • SSDEEP

      6144:aDOxZXrSHXUTsiJcsSM0lo3uXfVBz2pGhTSPVLB4BKrim0T8+nzA9PCezWpg3m:lXa8si5SdV8cWtLW4rGQ+zA9qqjW

    Score
    7/10
    persistencespywarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks