General

  • Target

    0b63f4abdb552932bfc9989e99a664d0N.exe

  • Size

    110KB

  • Sample

    240720-z1yg8sxamc

  • MD5

    0b63f4abdb552932bfc9989e99a664d0

  • SHA1

    bfcbabefd7cfe5dfeb521d6057a5ce9e0b9f1226

  • SHA256

    5997442526ff5ec3fbbc39b6c1b5ed34ca8c5269439331d4c0b55fa6b6a696bf

  • SHA512

    ee4282137b2f2010a6109ce81f24ebbe419e8e7d385053106454a25490be9dc1215a02b63d09084dd506310a882139a1b67a969a47b3c9f680d75ef201d99ecd

  • SSDEEP

    1536:1iLOvRmmQegJgBbmAQ256/ZrwWnwqjhurmKFcxL8JQ28SGd:1iyvRmeLs/ZrwWJjAqGcRJ2xS

Malware Config

Targets

    • Target

      0b63f4abdb552932bfc9989e99a664d0N.exe

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
