Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Screenshot 2024-04-23 3.45.58 PM.png
-
Size
360KB
-
Sample
240423-z2qtsaca37
-
MD5
5641fde0bd72e9594a5656d9d630d883
-
SHA1
a26e86d9e143c67cb9cdfce554a8373b72ec6fdc
-
SHA256
52e84685350b6d7ec1885f187fdd8417994ce653566555472fe98b4a8bde8eaa
-
SHA512
797c07db95a5a9f0ed254a607a4dc0e4b8aa398b3868eaffbe2c541be28b316212732472340e2afefefcef9c4e827e51c435ba2a7522bedda51e5994617f09c3
-
SSDEEP
6144:Zwcq+lFhJB1HkuA/jXbOXrMoX9fRiAKyTilfiv+AvrV/GRKuVfnokI+2Dcjmx:5hfTA3OXrfNJiANVv5vrViXlicjmx
Malware Config
Targets
-
-
Target
Screenshot 2024-04-23 3.45.58 PM.png
-
Size
360KB
-
MD5
5641fde0bd72e9594a5656d9d630d883
-
SHA1
a26e86d9e143c67cb9cdfce554a8373b72ec6fdc
-
SHA256
52e84685350b6d7ec1885f187fdd8417994ce653566555472fe98b4a8bde8eaa
-
SHA512
797c07db95a5a9f0ed254a607a4dc0e4b8aa398b3868eaffbe2c541be28b316212732472340e2afefefcef9c4e827e51c435ba2a7522bedda51e5994617f09c3
-
SSDEEP
6144:Zwcq+lFhJB1HkuA/jXbOXrMoX9fRiAKyTilfiv+AvrV/GRKuVfnokI+2Dcjmx:5hfTA3OXrfNJiANVv5vrViXlicjmx
Score8/10-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-