General

  • Target

    4fd9c7c8860fdb39d108aa863444c4f0N.exe

  • Size

    201KB

  • Sample

    240715-a69p1szgll

  • MD5

    4fd9c7c8860fdb39d108aa863444c4f0

  • SHA1

    03d2cbd3b28a1f68365a5a2583a520739e9a3b88

  • SHA256

    47caecf18636f927291636acbc40c3b5fff93b9b5371e5054775aa2deedb8e55

  • SHA512

    2bde0bd8a64a3b21e643bc6bf5640cb7ca0c908ca21623f1d60e746a8b4b69ae6684baf69ad8e5cf4c750a1c975dbc62ba537797f1681b4e842c43ca115d3ddb

  • SSDEEP

    6144:dXC4vgmhbIxs3NBByQop9QBfdZY9ScmsbeL:dXCNi9BsVQ5s9SIK

Targets

    • Target

      4fd9c7c8860fdb39d108aa863444c4f0N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
