General

  • Target

    2ae2e8afa334693b7486ff0a82c21850N.exe

  • Size

    889KB

  • Sample

    240814-rp3c2s1hnp

  • MD5

    2ae2e8afa334693b7486ff0a82c21850

  • SHA1

    9fa945ed8992a7635ecf9d407e361ef97bbd9d8b

  • SHA256

    8d0a7e35dcb0a8294255f4b3ca375a0413b0167268ceb2c785b3c8b172f78ff2

  • SHA512

    7138f098fbe0b748d907eefdd7ea1d344c85a77fec88c218d2f27624e86b59f293d26baa021f31ba688339cb3783fefddfee2595a1fffadd397211e7db4e28d3

  • SSDEEP

    24576:oWSCQACxatyL57BaLpq2uCeBXzU9/t2A8:VSBXh57wBuX2EA8

Targets

    • Target

      2ae2e8afa334693b7486ff0a82c21850N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
