Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-05-04_faa5d362e8fec96dccd1417e2041c832_snatch

  • Size

    9.6MB

  • Sample

    240504-p25ylahc36

  • MD5

    faa5d362e8fec96dccd1417e2041c832

  • SHA1

    67fb1942daf3cb0441b8f3683575e9dd201d6400

  • SHA256

    e449fb370dcc28a1592d38ed1f9d8705c9134d3398643b1c18beabf62f9df078

  • SHA512

    deed85bb7256e552dbb3921e2b00c96ec426628aee6efca8b60849a552a1b966d7a35c67c9eff948dbd0442a35b6a0f43c8e83a6c18ac19ffe07834fc81c5dc8

  • SSDEEP

    98304:fyLjUmJHIF1bksRfAA+D6Zfdcvwp53KzEUPEABEtxatN:SHIF1bNfEsXcgUvc8tN

Score
10/10

Malware Config

Targets

    • Target

      2024-05-04_faa5d362e8fec96dccd1417e2041c832_snatch

    • Size

      9.6MB

    • MD5

      faa5d362e8fec96dccd1417e2041c832

    • SHA1

      67fb1942daf3cb0441b8f3683575e9dd201d6400

    • SHA256

      e449fb370dcc28a1592d38ed1f9d8705c9134d3398643b1c18beabf62f9df078

    • SHA512

      deed85bb7256e552dbb3921e2b00c96ec426628aee6efca8b60849a552a1b966d7a35c67c9eff948dbd0442a35b6a0f43c8e83a6c18ac19ffe07834fc81c5dc8

    • SSDEEP

      98304:fyLjUmJHIF1bksRfAA+D6Zfdcvwp53KzEUPEABEtxatN:SHIF1bNfEsXcgUvc8tN

    Score
    7/10
    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

MITRE ATT&CK Enterprise v15

Tasks