General

  • Target

    46be9555630cdbaa66c218afcf2c9e50_NEAS

  • Size

    318KB

  • Sample

    240507-bw9gyacd2x

  • MD5

    46be9555630cdbaa66c218afcf2c9e50

  • SHA1

    ff878da6b5190202a47831ff9c5e9115091941b9

  • SHA256

    0a115c588c9583fa58bda051449ef221a8c4ed158a1cab4e5d5bf516017761ca

  • SHA512

    2a32f737f07a3f522c245f1f85fe50a6e9cd85fc614c39fc171ed4acf7a7daa5b2692e8dba5c71c27bb7223feb9a9beb2679a4e652ccac68d3593a416b9585e2

  • SSDEEP

    6144:JXC4vgmhbIxs3NBBF/EKcF2dCfXx09s6H7PphsALLLnv/50VX8pK+a:JXCNi9Bn/EKcFWCfn6bRjvuVM0n

Targets

    • Target

      46be9555630cdbaa66c218afcf2c9e50_NEAS

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
