General

  • Target

    installer.exe

  • Size

    16.3MB

  • Sample

    240710-vvka7szdkr

  • MD5

    75b2f3ba60fe0c078e5d7296eec68c08

  • SHA1

    4f210ccdac03cab510700cb1647b4ed231507df9

  • SHA256

    48334de0444dd96926c17691c1e0ff236c09d347efacd5722855688f70983d4d

  • SHA512

    94ef8702922bd51cb1e1ee5608e7a2a84475278b732dbb8a3d2d4a6c215c7b53f24df71f7d94749cf9c667b96c0a63fdae1b51c147be937c3db5be0c123a173a

  • SSDEEP

    393216:Su7L/O127kRhQfuwW+eGQRg93iObLRS/MLZ8tGIoCSAyFZO:SCL2DTQmwW+e5R49nR9FK8x
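The digests above identify the sample; before trusting a local copy as "the" installer.exe, recompute all four and compare them with the report. The script below is an added example and not Triage code: REPORT_IOCS copies the installer.exe hashes listed above, while the helper names (digest_bytes, digest_file, match_iocs) and the bytes used in the test are constructed here. A partial agreement (say MD5 matches but SHA256 does not) is reported as inconsistent rather than as a match, since a genuine copy matches every algorithm.

```python
"""Check a local file against the digests a sandbox report lists for a sample.
Added example (not Triage code). REPORT_IOCS copies the installer.exe hashes
from the report; the helper names and the test bytes are constructed."""
import hashlib

ALGOS = ("md5", "sha1", "sha256", "sha512")

# Digests of installer.exe as listed in the report.
REPORT_IOCS = {
    "md5": "75b2f3ba60fe0c078e5d7296eec68c08",
    "sha1": "4f210ccdac03cab510700cb1647b4ed231507df9",
    "sha256": "48334de0444dd96926c17691c1e0ff236c09d347efacd5722855688f70983d4d",
    "sha512": "94ef8702922bd51cb1e1ee5608e7a2a84475278b732dbb8a3d2d4a6c215c7b53"
              "f24df71f7d94749cf9c667b96c0a63fdae1b51c147be937c3db5be0c123a173a",
}


def _update_all(hashers, chunks):
    """Feed every chunk to every hasher (single pass over the data)."""
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data: bytes) -> dict:
    """All four digests of an in-memory blob."""
    return _update_all({a: hashlib.new(a) for a in ALGOS}, [data])


def digest_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """All four digests of a file, read once in chunks so a 16 MB installer
    is never loaded into memory whole."""
    with open(path, "rb") as f:
        return _update_all({a: hashlib.new(a) for a in ALGOS},
                           iter(lambda: f.read(chunk_size), b""))


def match_iocs(digests: dict, iocs: dict) -> dict:
    """Compare computed digests with the report's values.

    A partial match (some algorithms agree, others do not) cannot be a genuine
    hit: either the report entry or the local copy was altered or mistyped,
    so it is flagged as inconsistent instead of being treated as a match."""
    compared = {a for a in ALGOS if a in iocs}
    matched = {a for a in compared if digests[a].lower() == iocs[a].lower()}
    return {
        "matched": sorted(matched),
        "is_sample": bool(compared) and matched == compared,
        "inconsistent": 0 < len(matched) < len(compared),
    }


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        print(path, match_iocs(digest_file(path), REPORT_IOCS))
```

Run it with the path of the suspected file as argument; an "is_sample" of True means every listed digest matched.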

Malware Config

Targets

    • Target

      installer.exe

    • Size

      16.3MB

    • MD5

      75b2f3ba60fe0c078e5d7296eec68c08

    • SHA1

      4f210ccdac03cab510700cb1647b4ed231507df9

    • SHA256

      48334de0444dd96926c17691c1e0ff236c09d347efacd5722855688f70983d4d

    • SHA512

      94ef8702922bd51cb1e1ee5608e7a2a84475278b732dbb8a3d2d4a6c215c7b53f24df71f7d94749cf9c667b96c0a63fdae1b51c147be937c3db5be0c123a173a

    • SSDEEP

      393216:Su7L/O127kRhQfuwW+eGQRg93iObLRS/MLZ8tGIoCSAyFZO:SCL2DTQmwW+e5R49nR9FK8x

    Score
    7/10
    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read browser profile data, which can include saved credentials, cookies and session tokens.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      cstealer.pyc

    • Size

      75KB

    • MD5

      44d80709f492610a377eafff857aa413

    • SHA1

      91e53c38437797bd7e0ae5bb45a3e03144c4ec21

    • SHA256

      2312b7c1b6704e66d44d44971fed7492d2fa9655009e3cc00c6a7a79e59d8c53

    • SHA512

      b3b42555de7648aa4a1d6dfc94ae0503964913af7baa9528b623e5f9991a560734d43b9c88608a3cca5f13c507debfd4711951230d2932933d981b7c0b31f0d0

    • SSDEEP

      1536:DvIiOtbI3vkwsJlYaa2Is8qRai+jjV6P4grrRheEX:DvQ29t2Is8HdgP4grrRnX

    Score
    3/10
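The signatures reported for installer.exe above are behavioural: each one is a rule over the sandbox's event trace (file writes, process starts, image loads, HTTP requests) scoped to the sample's process tree. The script below re-derives those seven signatures from a constructed trace. It is an added example and not Triage's own signature engine: the event format, the path markers, the host lists, the severity weights and the "score = highest severity" rule are all assumptions made here, and the trace is constructed to fire every signature in the report.

```python
"""Re-derive the behavioural signatures reported for installer.exe from a
constructed sandbox event trace. Added example, not Triage code: event
format, path markers, host lists and severities are assumptions."""
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlparse


@dataclass
class Event:
    kind: str                      # file_write | file_read | process_create | image_load | http
    pid: int                       # process that performed the action
    target: str                    # file path, image path or URL
    new_pid: Optional[int] = None  # process_create only: pid of the spawned process


# Lower-case path markers and host lists; assumed for this example.
STARTUP_MARKER = "\\start menu\\programs\\startup\\"
BROWSER_MARKERS = ("\\google\\chrome\\user data\\",
                   "\\microsoft\\edge\\user data\\",
                   "\\mozilla\\firefox\\profiles\\")
WALLET_MARKERS = ("\\exodus\\", "\\electrum\\wallets\\", "\\ethereum\\keystore\\")
IP_LOOKUP_HOSTS = {"api.ipify.org", "ifconfig.me", "ip-api.com"}
HOSTING_HOSTS = {"cdn.discordapp.com", "discord.com", "pastebin.com", "github.com"}

# Signature name (as in the report) -> assumed severity on a 1-10 scale.
SEVERITY = {
    "Drops startup file": 5,
    "Executes dropped EXE": 6,
    "Loads dropped DLL": 5,
    "Reads user/profile data of web browsers": 7,
    "Accesses cryptocurrency files/wallets, possible credential harvesting": 7,
    "Legitimate hosting services abused for malware hosting/C2": 6,
    "Looks up external IP address via web service": 3,
}


def evaluate(events, root_pid):
    """Walk the trace once, following the sample's process tree, and return
    the signatures that fired plus a score (assumed rule: highest severity)."""
    tree = {root_pid}      # pids belonging to the sample
    dropped = set()        # files the sample wrote (candidates for "dropped")
    hits = set()
    for ev in events:
        if ev.pid not in tree:
            continue       # activity of unrelated processes is ignored
        t = ev.target.lower()
        if ev.kind == "file_write":
            dropped.add(t)
            if STARTUP_MARKER in t:
                hits.add("Drops startup file")
        elif ev.kind == "process_create":
            if ev.new_pid is not None:
                tree.add(ev.new_pid)
            if t in dropped and t.endswith(".exe"):
                hits.add("Executes dropped EXE")
        elif ev.kind == "image_load":
            if t in dropped and t.endswith(".dll"):
                hits.add("Loads dropped DLL")
        elif ev.kind == "file_read":
            if any(m in t for m in BROWSER_MARKERS):
                hits.add("Reads user/profile data of web browsers")
            if any(m in t for m in WALLET_MARKERS):
                hits.add("Accesses cryptocurrency files/wallets, possible credential harvesting")
        elif ev.kind == "http":
            host = (urlparse(ev.target).hostname or "").lower()
            if host in IP_LOOKUP_HOSTS:
                hits.add("Looks up external IP address via web service")
            if host in HOSTING_HOSTS:
                hits.add("Legitimate hosting services abused for malware hosting/C2")
    score = max((SEVERITY[h] for h in hits), default=0)
    return {"signatures": sorted(hits), "score": score, "dropped": sorted(dropped)}


# Constructed trace: pid 100 is the sample, pid 200 the dropped EXE it starts,
# pid 999 an unrelated process whose browser access must not be attributed.
STARTUP_EXE = r"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\updater.exe"
SAMPLE_TRACE = [
    Event("file_write", 100, STARTUP_EXE),
    Event("file_write", 100, r"C:\Users\user\AppData\Local\Temp\helper.dll"),
    Event("process_create", 100, STARTUP_EXE, new_pid=200),
    Event("image_load", 200, r"C:\Users\user\AppData\Local\Temp\helper.dll"),
    Event("file_read", 200, r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    Event("file_read", 200, r"C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\seed.seco"),
    Event("http", 200, "https://api.ipify.org/"),
    Event("http", 200, "https://pastebin.com/raw/constructed"),
    Event("file_read", 999, r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies"),
]

if __name__ == "__main__":
    print(evaluate(SAMPLE_TRACE, 100))
```

Two details matter for reading such reports: "Executes dropped EXE" and "Loads dropped DLL" are only meaningful relative to files the sample itself wrote, which is why the dropped set is built before the rules consult it, and signatures only count for the sample's process tree, so the same browser read by an unrelated process contributes nothing.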

MITRE ATT&CK Enterprise v15

Tasks