General

  • Target: Xylex-Executor.exe
  • Size: 10.9MB
  • Sample: 240505-s5h5saea7w
  • MD5: 13193ff628a2dcb77215278237789854
  • SHA1: 5f7f1dbafc5a0b72db0425bb7be081f227034994
  • SHA256: fa9e580d42e1779416aacd9e607f91ffb317411485f1ea7576b53e07ad8d4df1
  • SHA512: 35037d4bef970b27bc8f40d8859b6dc19ae6596af880124cb7e173d1876e96867a3fcf8e21fb28559d3c3d4d03481780cb1c3d80626905aef3b7f32245af1286
  • SSDEEP: 196608:Gt6LxwYlz2Jp5UfDC3njkY49eNz4+2Pfm/pf+xZfdcRBZZWKsnqrMWOzW0DjqT:M6KYh2Jp5qC3njkGz4+2m/pWvfCRB7B3

Malware Config

Targets

    • Target: Xylex-Executor.exe

    • Grants admin privileges: Uses net.exe to modify the user's privileges.
    • Modifies Windows Firewall
    • Loads dropped DLL
    • Reads user/profile data of web browsers: Infostealers often target stored browser data, which can include saved credentials etc.
    • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.
    • Legitimate hosting services abused for malware hosting/C2
    • Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target: Stub.pyc
    • Size: 875KB
    • MD5: f9831a9a3ff275207efa27868672503d
    • SHA1: a85c50e5a9dae11ac402daaba0e4c2762e839af0
    • SHA256: f683502becd15ec94f2d3175add74a6c8759178a617e15d3801d11bb2d4c92eb
    • SHA512: 8a671e751443fe48fa156cb1de646782db8fd1a2a59b8fa0e8247bc0a91b1aacab3a058bb5d9c617dc40970b47d96a84ad34a4d55216bdcac6f3e378610f03dc
    • SSDEEP: 24576:OONIZ/KW//MzIrMbYw3UgD1+J3BadmuPP:OV/MkrMblUgU7Y

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks