General

  • Target

    049a1da796b9c1144ec44bfa9a5cc200N.exe

  • Size

    2.7MB

  • Sample

    240715-y5pv8axepk

  • MD5

    049a1da796b9c1144ec44bfa9a5cc200

  • SHA1

    1f0152b3ad829d7318a9a6884eeb0d60ecbd16c2

  • SHA256

    69ad4341c4497360116400bd5b38866323be3396bf57737fe067c8e93942fa8e

  • SHA512

    6674da5d8f139d6588ac25d1de9c53c901dbdd1ed1e66924c81555d89261f9eb2c32ba4ad171c8621143d2660b140fd7107eeb6342a4c9ba8b2407a2e79b4ee2

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBbB/bSq:sxX7QnxrloE5dpUpIbV

Targets

    • Target

      049a1da796b9c1144ec44bfa9a5cc200N.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application
