Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    91ba5d921ec4bc4bedd386d548b2aee0N.exe

  • Size

    1.6MB

  • Sample

    240814-nbg86syfqc

  • MD5

    91ba5d921ec4bc4bedd386d548b2aee0

  • SHA1

    883743c54ea1a2c48cc3c39ee7c78841c4f366dc

  • SHA256

    ee1df8e6168ac9f70e5d236e088e6d0acb713b08a5a4c554da076a97d3d633e3

  • SHA512

    334c286057aaedeb5e651f23d91cc00e68f96b0e9967a34dc34bc509357afb718f9cfc6aa80b7b888c9b18bba91ff2d319590440654ec0908fc759225dfb074f

  • SSDEEP

    49152:VVaZ9HxfSWrcvIX7y3V2C3ZgKPnnMckCGpfL2:k9SWMIsVTPnMcNJ

Malware Config

Targets

    • Target

      91ba5d921ec4bc4bedd386d548b2aee0N.exe

    • Size

      1.6MB

    • MD5

      91ba5d921ec4bc4bedd386d548b2aee0

    • SHA1

      883743c54ea1a2c48cc3c39ee7c78841c4f366dc

    • SHA256

      ee1df8e6168ac9f70e5d236e088e6d0acb713b08a5a4c554da076a97d3d633e3

    • SHA512

      334c286057aaedeb5e651f23d91cc00e68f96b0e9967a34dc34bc509357afb718f9cfc6aa80b7b888c9b18bba91ff2d319590440654ec0908fc759225dfb074f

    • SSDEEP

      49152:VVaZ9HxfSWrcvIX7y3V2C3ZgKPnnMckCGpfL2:k9SWMIsVTPnMcNJ

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks