General

  • Target

    3777391aa10c9f219311bcbc0a8723e0N.exe

  • Size

    3.6MB

  • Sample

    240820-nandssybje

  • MD5

    3777391aa10c9f219311bcbc0a8723e0

  • SHA1

    14cc5d502851c8efd8140184f8205c38b50eec05

  • SHA256

    14bb8089f60455e3c63b11190c3c016e052dccfd4bb7a3ff5c3ce5b71774b695

  • SHA512

    8e3821eb12a535e175554fce4837c5c5e6a0b97c6441fbfc7c6dc2600b571b6169521af4a85169c88be96abe7bb77c6eed5a91a1a233121499cadf202ae089b0

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBrB/bSqz8:sxX7QnxrloE5dpUpQbVz8

Targets

    • Target

      3777391aa10c9f219311bcbc0a8723e0N.exe

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
