General

  • Target

    3bcfdc70f9303d442ddfc552312cd070N.exe

  • Size

    1.1MB

  • Sample

    240714-28c8dazake

  • MD5

    3bcfdc70f9303d442ddfc552312cd070

  • SHA1

    0b3a1f63f06047a9140db948f8d0090096f5c700

  • SHA256

    658b22f3ce994ed65e4f632623072ae9fdacdabb0983d9b7a6a3c9d5834051c3

  • SHA512

    08c2586307facf761915dd8b3dd673692dee66b952e04d0b9a2694cc94817067af7ee966ae57e4d1355f3bfac2c66fec2d815e261b424d44d811f1dbbfb706ee

  • SSDEEP

    24576:7rNz/a/L2kPIiNkeuuqaYBBLi7PpwmOQQbZETDQTm+EA7vrer:/5/CL2hauuq3HcJHnTDQ97s

Targets

    • Target

      3bcfdc70f9303d442ddfc552312cd070N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • UPX packed file

      Detects executables packed with the UPX open source packer or a modified UPX variant.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory