General

  • Target

    QUOTATION_AUGQTRA071244úPDF.scr.exe

  • Size

    424KB

  • Sample

    240819-mss7bszbnc

  • MD5

    6ae95c2d6f02b738de7444c6038270a5

  • SHA1

    75093368f5bf34e546bbcd5e8c1ad11c841be018

  • SHA256

    0874642113d1e0f5690344021c1bb5f3d510d7c1cdc094a40c2d4256d758309e

  • SHA512

    2a14f38b0686be2ff971a4eacaf8d08e79ebdfb31b97ce2406544a62284ebac6863568f2866caba12dff25cbdd5ab2d45166d00ad282a6bc5a23b3e5bbb0e153

  • SSDEEP

    1536:TYYJCfMkDh3TzdhOIb6YtLqugPpgDzXnLKAjoZaYeis/Q7qPpqOLy0uyL+fa:3J4tj7bxrjjooYvYuyb
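
Before working from this report, an analyst should confirm that the file in hand is the one that was analysed and note why the target name is itself an indicator. The following is an added example (not tria.ge code): it recomputes the MD5/SHA1/SHA256/SHA512 digests listed above and reports any that differ, and it runs a few filename heuristics that fire on this target (a .scr.exe stacked executable extension, the "PDF" in the stem, and the non-ASCII "ú"). The extension lists and flag names are assumptions for illustration; ssdeep is left out of the exact-match check because it is a fuzzy hash compared by similarity score, not equality.

```python
import hashlib

# Digests exactly as the report lists them. ssdeep is a fuzzy hash that is
# compared by similarity score rather than equality, so it is not part of
# the exact-match check below.
REPORT_HASHES = {
    "md5": "6ae95c2d6f02b738de7444c6038270a5",
    "sha1": "75093368f5bf34e546bbcd5e8c1ad11c841be018",
    "sha256": "0874642113d1e0f5690344021c1bb5f3d510d7c1cdc094a40c2d4256d758309e",
    "sha512": (
        "2a14f38b0686be2ff971a4eacaf8d08e79ebdfb31b97ce2406544a62284ebac6"
        "863568f2866caba12dff25cbdd5ab2d45166d00ad282a6bc5a23b3e5bbb0e153"
    ),
}
REPORT_FILENAME = "QUOTATION_AUGQTRA071244úPDF.scr.exe"

# Assumed lists: extensions Windows runs directly, and document/image
# extensions that a lure borrows to look harmless.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".ps1"}
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png"}


def compute_hashes(data: bytes) -> dict:
    """Same digest set as the report, lower-case hex."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def hash_mismatches(data: bytes, expected: dict = REPORT_HASHES) -> list:
    """Algorithms whose digest differs from the report. An empty list means
    this is the analysed sample; a partial mismatch means a transcription
    error in the report (or a different file) and should not be ignored."""
    actual = compute_hashes(data)
    return [alg for alg, digest in expected.items() if actual[alg] != digest.lower()]


def filename_flags(name: str) -> list:
    """Independent heuristics for lure filenames. On the report's target the
    flags executable_extension, stacked_executable_extensions,
    document_disguise and non_ascii_characters all fire."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    parts = base.lower().split(".")
    stem, exts = parts[0], ["." + p for p in parts[1:]]
    flags = []
    if exts and exts[-1] in EXECUTABLE_EXTS:
        flags.append("executable_extension")
        if len(exts) >= 2 and exts[-2] in EXECUTABLE_EXTS:
            flags.append("stacked_executable_extensions")   # e.g. .scr.exe
    doc_words = {e.lstrip(".") for e in DOCUMENT_EXTS}
    if any(e in DOCUMENT_EXTS for e in exts[:-1]) or any(w in stem for w in doc_words):
        flags.append("document_disguise")                   # "PDF" inside the stem
    if any(ord(c) > 127 for c in base):
        flags.append("non_ascii_characters")                # the "ú" in the name
    if "\u202e" in base:
        flags.append("rtl_override")                        # U+202E extension reversal
    return flags


def verify_sample(path: str) -> dict:
    """Read a file from disk and return both checks as one triage record."""
    with open(path, "rb") as fh:
        data = fh.read()
    return {
        "hash_mismatches": hash_mismatches(data),
        "filename_flags": filename_flags(path),
        "size": len(data),
    }


if __name__ == "__main__":
    import sys
    print(verify_sample(sys.argv[1]))
```

Run it as `python verify.py <path-to-sample>`; an empty hash_mismatches list together with the four filename flags above is the expected result for the file this report describes.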

Malware Config

Targets

    • Target

      QUOTATION_AUGQTRA071244úPDF.scr.exe

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, a web browser credential store (ATT&CK T1555.003).

    • Accesses Microsoft Outlook profiles

      Outlook profile data can hold stored mail account settings and credentials, so this is read as part of the same credential-theft behaviour.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP address; the report does not name the service used.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites a thread's register context, which is how process hollowing and thread hijacking redirect execution into injected code; treat it as a process-injection indicator when it is not part of a debugger.
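
The external IP lookup above is the signature that is easiest to turn into a network detection, because the request goes to a well-known public service rather than to attacker infrastructure. The following is an added example, not tria.ge code: it scans a constructed proxy log (the five-field format and the lines are made up for this example) for requests to IP-echo services, rates browser-originated lookups low and lookups by any other process high, and groups the high-severity hits per process so that a process trying more than one service stands out. The domain list is an assumption; the report does not say which service this sample contacted.

```python
import re
from collections import defaultdict

# Public IP-echo services commonly called by stealers and RATs. Assumed list:
# the report does not name the service this sample used.
IP_LOOKUP_DOMAINS = {
    "api.ipify.org", "ipinfo.io", "icanhazip.com", "ifconfig.me",
    "checkip.dyndns.org", "ip-api.com", "ipecho.net", "api.myip.com",
}
BROWSERS = {"chrome.exe", "msedge.exe", "firefox.exe", "iexplore.exe"}

# Constructed proxy log in an assumed format:
# <timestamp> <host> <process> <method> <url>
SAMPLE_LOG = """\
2024-08-19T10:41:02Z WS01 chrome.exe GET https://www.example.com/
2024-08-19T10:41:10Z WS01 QUOTATION_AUGQTRA071244úPDF.scr.exe GET http://api.ipify.org/?format=json
2024-08-19T10:41:11Z WS01 QUOTATION_AUGQTRA071244úPDF.scr.exe GET http://ip-api.com/json
2024-08-19T10:45:00Z WS02 chrome.exe GET https://ipinfo.io/json
2024-08-19T10:46:00Z WS01 svchost.exe GET http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) (?P<proc>\S+) (?P<method>\S+) (?P<url>\S+)$"
)


def url_host(url: str) -> str:
    """Hostname part of a URL, lower-cased; '' if it does not parse."""
    m = re.match(r"^[a-z][a-z0-9+.-]*://([^/:?#]+)", url, re.IGNORECASE)
    return m.group(1).lower() if m else ""


def find_ip_lookups(log_text: str) -> list:
    """One event per request to an IP-echo service. A browser asking
    'what is my IP' is ordinary user behaviour and is rated low; any other
    process has no business learning the external address and is rated high."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed format
        service = url_host(m["url"])
        if service in IP_LOOKUP_DOMAINS:
            severity = "low" if m["proc"].lower() in BROWSERS else "high"
            events.append({"ts": m["ts"], "host": m["host"], "process": m["proc"],
                           "service": service, "severity": severity})
    return events


def summarize(events: list) -> dict:
    """(host, process) -> sorted services contacted, high severity only.
    A single process trying more than one service (fallback behaviour)
    is a stronger signal than a lone request."""
    per_proc = defaultdict(set)
    for e in events:
        if e["severity"] == "high":
            per_proc[(e["host"], e["process"])].add(e["service"])
    return {k: sorted(v) for k, v in per_proc.items()}


if __name__ == "__main__":
    for key, services in summarize(find_ip_lookups(SAMPLE_LOG)).items():
        print(key, services)
```

On the constructed log the only high-severity group is the .scr.exe process on WS01, which hit two different services within a second; the chrome.exe lookup on WS02 is recorded but rated low.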

MITRE ATT&CK Enterprise v15

Tasks