General

  • Target

    e325f810a9b2707499e4afc290454470N.exe

  • Size

    154KB

  • Sample

    240818-be5sesxala

  • MD5

    e325f810a9b2707499e4afc290454470

  • SHA1

    421469166a1c664cc83cabcbcbffc7eeac8f06e8

  • SHA256

    c0e4da2741f235ed02a837fda6dc36d6b3d7df0d362573d7e017dc4de5983c95

  • SHA512

    6116708792908482547c73e7832dd7f1d9fd58028f7fcc74a5ce6b62a6d23b7cdc9e6c2f47fa4bf71a37e258bdb48b6f4df01e807756b64e702dc5d74958f070

  • SSDEEP

    3072:oGqIGRpTa9p1om9PW/pqqsFUCN3R9MI+ItKVdtH2ub83P+XDzhBsUGxqpGTVhzOU:oGHGRpO9p1om9+xs3NBBtKV2x+XDFB5+

Targets

    • Target

      e325f810a9b2707499e4afc290454470N.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
