General

  • Target

    fb8de45d8e1a63d53bbb06daacb97d40N.exe

  • Size

    1.3MB

  • Sample

    240720-w7278axbrr

  • MD5

    fb8de45d8e1a63d53bbb06daacb97d40

  • SHA1

    9515f5ada8759f574fa84b784c6ccc34aa8e29c6

  • SHA256

    f7d16890728825d8593b494188a0aeee22e610f6cbebc39a6112f66514dafae4

  • SHA512

    2f19400396e6d48b7fe2540097953bd051f4c33ea65091e26822e32a4171a4937bced89b7f4a21d9e6bd5ade397e352395100fb08af6d442e91e31cc05441832

  • SSDEEP

    24576:2wmpe4LlEJoZMLA0Ys6dQ1eR3mQImtOcYKGAm53yJNxBCDkOp56E:hmk4LlEJoNswQkmQIwGAm53y/xBCoOp/

Targets

    • Target

      fb8de45d8e1a63d53bbb06daacb97d40N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
