General
-
Target
hwid-window-spoofer-main.zip
-
Size
8KB
-
Sample
240811-e59qvazakg
-
MD5
882e07f7aefe50ab756ab2f7e6c995f7
-
SHA1
857afbf41b249cfdf2aaedb55f967c624e53f3d1
-
SHA256
63de9048668784bad86afb5490d469bb5596170bfc528045e3c0272a1fdd3505
-
SHA512
ace0154c090dde2869cc3e4333b7020291f827d1c1b051c2f3437ea79e1dca3d0286e35dd9c6c4961e75a04157a854600dc35b481e4223896be008532ad3b78a
-
SSDEEP
192:V6mS4ShGbCpukqDe1pj1LdmFWwAblzuc9XBl137/n7rd:VGlAHDe1/osLT5t
Static task
static1
Behavioral task
behavioral1
Sample
hwid-window-spoofer-main/hwid_magic.bat
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
hwid-window-spoofer-main/hwid_magic.bat
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
hwid-window-spoofer-main/hwid_magic.bat
-
Size
45KB
-
MD5
a3ab5c1d3d86d27b3764d5ff39adde5e
-
SHA1
ac8bdc4e94db981ccdb78d0b246f7925b56f7ac7
-
SHA256
b4412cbb504063c9dff0f4c41f3efbdf836c0fa95a0d932de85cb80df51276d6
-
SHA512
5fe3819d693745f8595b8b18fa1b3b94f69adbd1575fb2397889d65bfb2b9d70052016ac613365e2df9567b8e3a412bad609c9786e5991e0d08e019d6b17f474
-
SSDEEP
384:57wK8+SMS8Sn16d/s16JijVAJ9OSU5RCn3I3k4L1oPunRz+eV5pK/F23aKVed+NE:5IKSBL1oP6Rz+Enfdh9YL8oPbT
Score
9/10
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Deletes itself
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 1
Credentials In Files: 1