General

  • Target

    93dff9ef398033495ca2489289c9e4ee701b74da32d24336b7736249d504318f

  • Size

    1.3MB

  • Sample

    240629-amrebsyhnl

  • MD5

    73ac36fe126dbaee9102bfdf43efefe4

  • SHA1

    39e772ae162549dcc248baf2e87892ee744e8d4f

  • SHA256

    93dff9ef398033495ca2489289c9e4ee701b74da32d24336b7736249d504318f

  • SHA512

    27615be79ead64565a8ea6643ee7d3759282d3eb77f31a8ddd9f8545ed9daef7a75bc66b53d6b414a34162b2cef1a50324b5781d5bb3544bcbc140019a800009

  • SSDEEP

    24576:CacdH8oakIie5JmJI/GjQ2hyVNqbI4xMCv45Zj9q0vwo1iu2vjl:CacOUcuR02AVNgILCg9zvwWiuAl

Malware Config

Targets

    • Target

      93dff9ef398033495ca2489289c9e4ee701b74da32d24336b7736249d504318f

    • Detects executables containing possible sandbox analysis VM usernames

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks