General

  • Target

    289cef8c58a9ee93044653521af992b0N.exe

  • Size

    989KB

  • Sample

    240721-3fwppasfkq

  • MD5

    289cef8c58a9ee93044653521af992b0

  • SHA1

    f9ce52da1b66e89eb3aeb2e6a7eb64f02ca16d3d

  • SHA256

    8c5dd2d2430e6730c3f8460544f25d0b58970d298958fc082bd12b764eacc806

  • SHA512

    a21ef94329882a75264a391ef2291014173dd4207fbeb6a50c6dc09cf7cd10062215497fd13f2074d55588c036eec2201b233ee6c383d94e7f41af806189973f

  • SSDEEP

    24576:oWf5AAVt67YwWS3DQ2lzoIKKYxS2N7VOlgUy8rwIq:Vf5U7BWSM0zFuvNlOq

Targets

    • Target

      289cef8c58a9ee93044653521af992b0N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
