General

  • Target

    21eebde62ef87184d6d09586b9567510.exe

  • Size

    696KB

  • Sample

    240706-a17cpstaja

  • MD5

    21eebde62ef87184d6d09586b9567510

  • SHA1

    e7fe55345e940b3ce7d6da65daedff0ae2fd4bfa

  • SHA256

    826ce34e39da7cc907325f060281a009c121ffd2def2c704d905bbf5e758c9c2

  • SHA512

    64170ca8932bd23449bf8b2b1732649d6bfb0a700940ee2a698275698654d94b738c25b0cd61d8d6901b7dad56ae765a3bc3726549e836ff873663a5d4d40b7c

  • SSDEEP

    12288:dXCNi9BxB8iBd5xSu0OlahESYDnzHX115hurQPcUMjdQna11bVhbJ:oWL8Q5T0xmSYDBEEmj4I9

Targets

    • Target

      21eebde62ef87184d6d09586b9567510.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
