General

  • Target

    10b6e821e9a2b645f25c1ba0ce250f40N.exe

  • Size

    4.1MB

  • Sample

    240818-g48hhazfmh

  • MD5

    10b6e821e9a2b645f25c1ba0ce250f40

  • SHA1

    5888930755f20a01dcb04851018e246ae750816f

  • SHA256

    15b765faa8efcc2dac8c42f9126ba9ee3aacab335d6ac28391be0bceff3a6b8c

  • SHA512

    a59f3f13d5e3363fe6f1d3c7605e1c6cd427abe4a0727510c402733232d1a55637106cf1a87bd787060a86467feaf813d9fe5d721718c174f4acb96907b5b569

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBlB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUpybVz8eLFcz

Malware Config

Targets

    • Target

      10b6e821e9a2b645f25c1ba0ce250f40N.exe

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copy of, the web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
