Resubmissions

29/11/2024, 17:54

241129-wg88vatlar 10

23/04/2024, 15:06

240423-sgtllshc2x 7

General

  • Target

    1.exe

  • Size

    291KB

  • Sample

    240423-sgtllshc2x

  • MD5

    4591db8ed5b0f0c4ab38fdce24d91b96

  • SHA1

    732759b743bfefcdf86c220785804939e7f7c855

  • SHA256

    b4f4d51431c4e3f7aeb01057dc851454cff4e64d16c05d9da12dfb428715d130

  • SHA512

    ac03681bf991217dfc408b37b5279b7871c5a3afd8fc2fdc46ba7c2b0fc2f65da3e8fc6fc2ed6e0515bec568a82d0eb31c1ce4056b61f3b72361d3ea63f2a8e9

  • SSDEEP

    6144:y7emv99YdwLa/kfNGnrPMYoRDF7jrqSIh+cE85uAjqRH+jQir55u:lkCrPMYARXrqSU+KuAjxjQa55u

Targets

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

    • Accesses cryptocurrency files/wallets, possible credential harvesting
