General

  • Target

    6e09ca0e67a45adf753d48e15fbaa340.bin

  • Size

    1.4MB

  • Sample

    240604-cdckxshd9s

  • MD5

    6e09ca0e67a45adf753d48e15fbaa340

  • SHA1

    669ebb41f82aad0dd4638eab9a06b03891cb6a9f

  • SHA256

    d50b569da8e0e6997a0ba87dda4afb2d225bef9ebe51d6dcbe2d6082aedfa82e

  • SHA512

    8213b58d3e2f392a3d0529c909b6498ef70d8093f22bc9249afa51a5653c0508b3b1b6b85dd4e6a7239cd7d3cef8df21254a6e68683c5013ee8180a08a559738

  • SSDEEP

    24576:V/Bh8LN7j6Isx//rYawaV+0JJfmmFB6Tv9KnV9T2EnU+OIR4svLMq:P+pKRx/gy4vj9KnaEnzOy4svLX

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
