General

  • Target

    10c4bb72ab3b2862987122e1e310c990N.exe

  • Size

    2.0MB

  • Sample

    240721-z4akksxdll

  • MD5

    10c4bb72ab3b2862987122e1e310c990

  • SHA1

    f331fc91b8d79e17158d100d801a11ee79058555

  • SHA256

    44a199edb96e9439c388d2e6c3f52ec99d133c4b11ee3784c429740658e5e78f

  • SHA512

    833632b2e6a3664378973ae9a0708c66a8fe0a622ce0d8cb7344a0a5af1eee8760f1037b7fd2db8309bc087f6abb9bccc37a8da4c47987f4b49c0a06926c8c92

  • SSDEEP

    49152:VLNH+iB6U34KiRyNfDlkcNz6p94hycHR3MnB7NWe101sm8:3eiBT4pRyYcN8wRQB7NWS6sl

Targets

    • Target

      10c4bb72ab3b2862987122e1e310c990N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
