General

  • Target

    64.exe

  • Size

    401KB

  • Sample

    240426-v92h2agg29

  • MD5

    3e682955546fe3b6b1296a509ff80f65

  • SHA1

    da050e533305cd03b0235af1cbccfd3ff611d4c3

  • SHA256

    96dd5b0abe337b23d4caa746a29c196af3508fa103d16a1f180e13730cdb773b

  • SHA512

    dcb1dc90e85179e39dfcc773f9f790e230d9b563cb50dedac1f2e5d0106797bd8fd2b8c9a14b68134eb0b5b7aff66de1b6f6c46a69f9d98542070fa168d87436

  • SSDEEP

    6144:cDGeTb5E+Z7EAXrvPRIxK0zBL/TIDC2dL3RltnfoBglM7zMUdsvk3zhAt76zkiz4:cDGelZ7FXrPy4ix+LBltsgK7zXIqbkT

Score
10/10

Targets

    • Target

      64.exe

    Score
    9/10
    • NirSoft WebBrowserPassView

      Password recovery tool for various web browsers

    • Nirsoft

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
