General

  • Target

    7c219fa1717f546496d93163a69711f0N.exe

  • Size

    442KB

  • Sample

    240719-lhp69atgjk

  • MD5

    7c219fa1717f546496d93163a69711f0

  • SHA1

    a64d567c0a1b4d8c57ad1273eaa9eb395bd8a110

  • SHA256

    1ef6ef3df4ca87927b3230e274952c7e2feb51c3fef27d03f522b7676cda573b

  • SHA512

    c1038ab1ebf5206735cc8997cdb4c4bcee88cc3a118c178ced6e571ffa79712887726690ea13c65b9fcbf499f8c093819c1a78dd30668954c3240b7fd7a0b271

  • SSDEEP

    12288:A//vi9BRNuee0jcEsb52TXT/2UGQxLB1pW6WStK2P1NW51UNJnh50:2wRNuz0jcjN2DTOUGi1hK2T0+NhY

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
