General

  • Target

    69096228777184aa9efce40475cf8f00N.exe

  • Size

    731KB

  • Sample

    240715-db4r3axcqf

  • MD5

    69096228777184aa9efce40475cf8f00

  • SHA1

    044af74c464e49447bc47630eb0b5e45416ff5ad

  • SHA256

    1ad4ad80989766a3ceb74049c2ad9a923dbee9f09f2b87a10c6cc087e045ef23

  • SHA512

    517cf5871b4913aee7032b7eafb1b83d5ca44109fbd23c7964699e7c04d992d73cf3c6be8c230fe4f9d0bcdeb6cfe16e0ab584fa95eac77a34964c2991ca7594

  • SSDEEP

    12288:NPKL+0EoCfb+s2XilZhUdUfzKLE+dTbyvZKa6WvWFUQAuXznu8sMzN2TVHU7ISNO:NSLlEoCfeefULLHVyRKGWeLuTaI2T1Uy

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
