Resubmissions

09/04/2024, 17:50

240409-wess3shb6z 7

09/04/2024, 17:47

240409-wcxdgsdf49 7

General

  • Target

    SenPalia Setup.zip

  • Size

    74.4MB

  • Sample

    240409-wess3shb6z

  • MD5

    cd8965f100307025a9562c8ab7bdc021

  • SHA1

    015426b91df70d80bc3f40233ab19eacfddc3791

  • SHA256

    6fa637f04205998b312dee522a694b5f4e3629e38c0c97ecac5910a59414462e

  • SHA512

    3c368d3d28538a94b8a8e4055e91b6aab648461d320d9a49b0b46cc7c9b1eb7a39aeb33430d61a7d99fdbea5016eb86e858f428118eb94ee742f732872a3783f

  • SSDEEP

    1572864:ySv5+KBjaR1x7pB+3PPxVKPRBb0n1eoGyHg+EMzR12sok8RJl:tAuaR1F+BVyROn1eUH6i2sCp

Malware Config

Targets

    • Target

      SenPalia Installer.exe

    • Size

      74.4MB

    • MD5

      bc181331f428bb02109541c553c07b4b

    • SHA1

      d6c1a161f9a60a357cc5c7d6cc5febed12f19eee

    • SHA256

      51298c3f8bf5253334c02f9ac1c3f5a465e23707d6c063515a7defc1a3a50a91

    • SHA512

      73f0b53a1a623879630ff894b8bd832ef8f9bf034213c713f3933e65d5f6243dc3722a2cd46adbaa1a0f48a7e5adeccd57ebf7f61d359fe053fe299501a8c3ab

    • SSDEEP

      1572864:946LBYjCvct2YQi2JrydyxvgJnsI0SNcucgzxTMWIyeKx:9LuCct2R3rEySJnsqN0QMWM

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
