Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

0982943ec7...0N.exe

windows7-x64

7

0982943ec7...0N.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0982943ec76e3bad6c9c2715f1f1ac60N.exe

  • Size

    2.0MB

  • Sample

    240712-2pgrfswdne

  • MD5

    0982943ec76e3bad6c9c2715f1f1ac60

  • SHA1

    9716c3fd154636a65e62748f9e2babf2f438bc17

  • SHA256

    6fdd26e9c7025d6952b7ab2f36828cb724b54127f061f5ebee3030f953950f96

  • SHA512

    88d7da9532ae426bed4a2b5d42cb1dea9ce7f04df5a649a23530ceb2e41828d6b5b4232894343ebe167e920ea5cd01ab6d566ba3d2a2f96a2be8e047f5c4e64a

  • SSDEEP

    49152:huoX8BWflZTtaicdqNn2AYliZfcCsBkJp/sMhNVUwY2MCidqTepYg:Asfz8iwqJkZCsWkMyZ2MCidpYg

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      0982943ec76e3bad6c9c2715f1f1ac60N.exe

    • Size

      2.0MB

    • MD5

      0982943ec76e3bad6c9c2715f1f1ac60

    • SHA1

      9716c3fd154636a65e62748f9e2babf2f438bc17

    • SHA256

      6fdd26e9c7025d6952b7ab2f36828cb724b54127f061f5ebee3030f953950f96

    • SHA512

      88d7da9532ae426bed4a2b5d42cb1dea9ce7f04df5a649a23530ceb2e41828d6b5b4232894343ebe167e920ea5cd01ab6d566ba3d2a2f96a2be8e047f5c4e64a

    • SSDEEP

      49152:huoX8BWflZTtaicdqNn2AYliZfcCsBkJp/sMhNVUwY2MCidqTepYg:Asfz8iwqJkZCsWkMyZ2MCidpYg

    Score
    7/10
    persistencespywarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks