General

  • Target

    fe486621f8b989623330a8c63dc803d0N.exe

  • Size

    761KB

  • Sample

    240721-w4k5ja1gnm

  • MD5

    fe486621f8b989623330a8c63dc803d0

  • SHA1

    95c7f205773fabf11aa4ddf7df87043dc4355118

  • SHA256

    e4fabd3e19b49f8ff26803c4b422cd163d2ff123facec184f176895b4ebb5d53

  • SHA512

    01d9a84fdd9c9f20af35c84b46e58c90b7a542d639cc648a7b4cc67805ff48524dd533ba9fc82dad247839fdc87b7bb89c3f9aa00c2fc1fbc44b4f3c035d0446

  • SSDEEP

    12288:OWji9B3foJxwU+fidmVrc/68fkS9x1vthjFgT7b1g4s735XEE4CkUW7uNSmmlK8K:C3foJxwU+SmVw68fDLhxgDhM35/4CkUv

Targets

    • Target

      fe486621f8b989623330a8c63dc803d0N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
