General

  • Target

    1d88e5e360459969c165abdb1670f71a.bin

  • Size

    15.3MB

  • Sample

    240704-blff4sxhlh

  • MD5

    1d88e5e360459969c165abdb1670f71a

  • SHA1

    4acdad52c9889570197a2fa2cd59c943e57647f5

  • SHA256

    51f92e2913482e3706a215c2b6a217b616fa8323274fb1637ee9b8fdbd8cc615

  • SHA512

    a3986b65eb0b50f09031a6b59b36d54d7f9216189e441b4aea0ccf3c47da4fa62a2fb8c367a460f8b672ff9d412ede3ced4179bf2b784260a3ff235b27321fb5

  • SSDEEP

    393216:qTXaexG6bXCpS9c5hlERblh2pvAdZYyk0RrBGDHYdD60fz:uvxG6geEhk5QpvAdZkyczkOw

Targets

    • Target

      1d88e5e360459969c165abdb1670f71a.bin

    Score: 7/10

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, such as saved credentials.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
