Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2a35e3b3e0ce2ebf79ce73e6f187e580N.exe

  • Size

    2.6MB

  • Sample

    240726-tfpfya1gmg

  • MD5

    2a35e3b3e0ce2ebf79ce73e6f187e580

  • SHA1

    365ee986520f66f4231667b0b31e3e0836253cf9

  • SHA256

    f64581d4deefd87bb1930dac2da3e38b8aeb8c93ed12e88d535ddd0191f9e9b3

  • SHA512

    af15d9b93f16600ddb2e98973545afac29505ea46e4312d973558819aa037e40354b8c22b67be8c478a0061e411a6a80ad00f06272c61f781bff5599b0a90849

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBsB/bS:sxX7QnxrloE5dpUpjb

Malware Config

Targets

    • Target

      2a35e3b3e0ce2ebf79ce73e6f187e580N.exe

    • Size

      2.6MB

    • MD5

      2a35e3b3e0ce2ebf79ce73e6f187e580

    • SHA1

      365ee986520f66f4231667b0b31e3e0836253cf9

    • SHA256

      f64581d4deefd87bb1930dac2da3e38b8aeb8c93ed12e88d535ddd0191f9e9b3

    • SHA512

      af15d9b93f16600ddb2e98973545afac29505ea46e4312d973558819aa037e40354b8c22b67be8c478a0061e411a6a80ad00f06272c61f781bff5599b0a90849

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBsB/bS:sxX7QnxrloE5dpUpjb

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks