General

  • Target

    4b5a4639b5d423aa1079f67ae74ae010N.exe

  • Size

    3.6MB

  • Sample

    240726-yjyk8s1bpq

  • MD5

    4b5a4639b5d423aa1079f67ae74ae010

  • SHA1

    eeb5bedf3071f79797ce675be3511ea51691cadf

  • SHA256

    c8a861f5d84df03a97ec8b51d77b4ba91e6ccc84dd7222b70d5a1f065efcae24

  • SHA512

    fc252824c9df9f9127a6815c03f7871701c4180237e9b00c5163ed55a5563151220d5e26dfb75a3a279df4ee82c9aa2d5fa853b42cf0b75db8fdd22c56b8f4e5

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBLB/bSqz8:sxX7QnxrloE5dpUp8bVz8

Targets

    • Target

      4b5a4639b5d423aa1079f67ae74ae010N.exe

    • Size

      3.6MB

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to or copying of the web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
