General

  • Target

    5091fe1c7f537103ea45ab73884f0c40N.exe

  • Size

    561KB

  • Sample

    240722-dq1nysvhnd

  • MD5

    5091fe1c7f537103ea45ab73884f0c40

  • SHA1

    fcd3fb1952e346316fac17795442e990f1d1d116

  • SHA256

    75bd69e4009a93ef0352ad26a7a30bc2a0edb49a86b30a11e9610e7600fb3a54

  • SHA512

    6939e7450cce353dfa36ec6110fd917e945dea04e4a86d63faa264439b5d20b302892bf33b2101a16374f2d7121f72f18cb234d96a43c266cabb43f6f14ee2a7

  • SSDEEP

    12288:dXCNi9B/zZOFw5lACbevf1gtRoCymizViMysRw5gMz1MIl6SiSJmpckBeuy:oWdkwTVegtRoCymCi7sG5gMZ6HtOh

Targets

    • Target

      5091fe1c7f537103ea45ab73884f0c40N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
