General

  • Target: Built.exe
  • Size: 8.1MB
  • Sample: 240703-jyqfvaxgmn
  • MD5: 63ce56e8cceba3d9cfbc9e51bc2096d8
  • SHA1: 7b508d8debf737bbfe26b8887e966b54f9704a8b
  • SHA256: 06fb10b1d4598007ec5dbae65545070cf9a7a9ae47bf7e3e879c60fb3456498f
  • SHA512: 10ff5614139b6b5fe66b271c8dc1297b5eafea3a0c34ac330b5992b34be3f8baf62651546535fcba108a59b733c8ed1a9a221c2c7d37fcb8ce064fac5ed37dc5
  • SSDEEP: 196608:ayIyqu9VqurErvI9pWjgfPvzm6VsIQnFDE14AU:DIyZsurEUWjC3zDKnp04AU

Malware Config

Targets

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar sensitive data.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks