Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    963572ec4604e847d367a248b9a5d440N.exe

  • Size

    2.6MB

  • Sample

    240820-gbdseswbjg

  • MD5

    963572ec4604e847d367a248b9a5d440

  • SHA1

    dd1a94469ce7d8d9071b028a9dbe7b3177a27602

  • SHA256

    b5a53522aa466511bb82d372461b3b4fc1ac33e9073365cd17f67b6deba1ff66

  • SHA512

    1748c1ab69ab2769a9900129210c2573f6484eeda37f9535be87a132c3e7b180a3b4b62569aa7eaea64c45068eccb047775be8dba6957fa361b8c98b2004422a

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBiB/bS:sxX7QnxrloE5dpUplb

Malware Config

Targets

    • Target

      963572ec4604e847d367a248b9a5d440N.exe

    • Size

      2.6MB

    • MD5

      963572ec4604e847d367a248b9a5d440

    • SHA1

      dd1a94469ce7d8d9071b028a9dbe7b3177a27602

    • SHA256

      b5a53522aa466511bb82d372461b3b4fc1ac33e9073365cd17f67b6deba1ff66

    • SHA512

      1748c1ab69ab2769a9900129210c2573f6484eeda37f9535be87a132c3e7b180a3b4b62569aa7eaea64c45068eccb047775be8dba6957fa361b8c98b2004422a

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBiB/bS:sxX7QnxrloE5dpUplb

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks