Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    f303074b9e3f955524c3b47d7eb0bb70N.exe

  • Size

    920KB

  • Sample

    240720-v5cn4swejj

  • MD5

    f303074b9e3f955524c3b47d7eb0bb70

  • SHA1

    9ded5078c914a3d617237d3c7178aed75b16af04

  • SHA256

    632a93c0aa21835c559c8ab3f37235cec56af61719cbb37e115ecd822bcfdbb3

  • SHA512

    290601268fddc17d0706a1774db08d959e997634fd18bc06e4175854dd0a268b662a5b5b31d7633e3d3fb695bbcefb204aec35bf9fa02ad55b15f1ce609d6ed1

  • SSDEEP

    24576:2wORH9uFgGf2w6qOkZOrHKhKq0pvhljvilP5cz:h6uFFf26dAk0pvhlvilPyz

Malware Config

Targets

    • Target

      f303074b9e3f955524c3b47d7eb0bb70N.exe

    • Size

      920KB

    • MD5

      f303074b9e3f955524c3b47d7eb0bb70

    • SHA1

      9ded5078c914a3d617237d3c7178aed75b16af04

    • SHA256

      632a93c0aa21835c559c8ab3f37235cec56af61719cbb37e115ecd822bcfdbb3

    • SHA512

      290601268fddc17d0706a1774db08d959e997634fd18bc06e4175854dd0a268b662a5b5b31d7633e3d3fb695bbcefb204aec35bf9fa02ad55b15f1ce609d6ed1

    • SSDEEP

      24576:2wORH9uFgGf2w6qOkZOrHKhKq0pvhljvilP5cz:h6uFFf26dAk0pvhlvilPyz

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks