General

  • Target

    81b07b468c152b4f8dd630763fbd6760_NEAS

  • Size

    848KB

  • Sample

    240507-pvfecsga5t

  • MD5

    81b07b468c152b4f8dd630763fbd6760

  • SHA1

    caa45c6bcea8755e5d2ba0a64943d68e15013952

  • SHA256

    8411e54878d36fab4c6ab26fb3b39ddecc0ad028877637b1609be33ed7b274e4

  • SHA512

    a07f0f61dd9c785d1c96dca6ea8f8adeccc6318aa13dd8e4ba90c452606c0242b2baee8a0a9233d11ffd2b0241c7aa084fe1f7107b8e90d5ab5d714da90410a0

  • SSDEEP

    24576:oW8dTNRF2V65VOv0Gr/KNNKKn5Inhx1MbrD:V8VN72V6nOv0GDKNNL5IyHD

Targets

    • Target

      81b07b468c152b4f8dd630763fbd6760_NEAS

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
