General

  • Target

    02778afa80c6c18bb693bb46fa88867f38fb2ae816ac6db5e071fc8b38bc0d2b

  • Size

    653KB

  • Sample

    240415-wsfexach34

  • MD5

    1b6aa7da8e5647dbcbf79272726879e1

  • SHA1

    4b041b8e2f0ebfe5c8761edea03c7945b12e4bee

  • SHA256

    02778afa80c6c18bb693bb46fa88867f38fb2ae816ac6db5e071fc8b38bc0d2b

  • SHA512

    4895cde54a735910fc045e729d948acec9a8a3ae6f5591ce37d74d9e62ae785b63d4961d731bb8fd0c4bfe753dece1e1f583000496c8c17ad189040a3bf73e28

  • SSDEEP

    12288:Lu3hilMMG0yucvwOLrXLKfTeSdZ5KrAziuRuWxnFW9E71KGQvLQ0R0JwcMBM5jnG:q3hilMMRz2rCTLdCrUuCnFr71KGQzew1

Score
7/10

Targets

    • Target

      02778afa80c6c18bb693bb46fa88867f38fb2ae816ac6db5e071fc8b38bc0d2b

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory
