General

  • Target

    0be35541a24155bf461c197257477710N.exe

  • Size

    790KB

  • Sample

    240721-zlplsawepj

  • MD5

    0be35541a24155bf461c197257477710

  • SHA1

    b52beadc0adc5d2daf2fabe13ef058137a1e95b5

  • SHA256

    d5a5f4ccee3eb6ff57d357545f0cc7f3a2af1ac032bac615fb3807b9c50b4cfa

  • SHA512

    b503baf743c9ee3ad1c2f3bb3f796cd85ab6db20e691c1ee59030c431d1dce9d384c283b0333c61350d3220b226586483d0a8b5e396fcb2b80642b3421666d56

  • SSDEEP

    24576:oWcDgVdywgLwIs5JEfV8nmR1Gxk0xUzTJQU:VSEdJIs5JEfVN02z+U

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
