General

  • Target

    001f5e6962b0bbe66aa27b2b76c3a260N.exe

  • Size

    1.8MB

  • Sample

    240721-pshrps1cre

  • MD5

    001f5e6962b0bbe66aa27b2b76c3a260

  • SHA1

    6a0f901fb1df198bc79aae47ab97af8c28a2e0b2

  • SHA256

    d0c6c48dcf1a97609486774c2d13114ae7dabbe054449c8eeec580aa45814b73

  • SHA512

    8f30db9ad037a34c98da1e632c98560382d37040974cc6a6c637c8dbeccfc160ebb5d9d9c25f9f0f1342dea9e18045005dae1df7845baf20c8416778c5783031

  • SSDEEP

    49152:Vl7IcvX58qBZNF8u3JeCPFDh6+PCypi1gMbC:/7vJHmuMCpLoeM+

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
