Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b39e98716029fad9961399c48c93dc20N.exe
-
Size
2.6MB
-
Sample
240821-g91pvaxfqp
-
MD5
b39e98716029fad9961399c48c93dc20
-
SHA1
7863d214700f1dd6b8cb1b44fc2171a7e4f22771
-
SHA256
5a5278a67eac531f9b6c27e2410bf8c008ac9f5204672ec24862312b2d7a5dda
-
SHA512
e15b771de1629f9d532d2c33678f28af2c87e6aa66f7ce8156dab3d882114ae87eb229f4a962e0314cabea67798a42999c26fc1962b63d67d3d31e0c16198435
-
SSDEEP
49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB/B/bS:sxX7QnxrloE5dpUpcb
Malware Config
Targets
-
-
Target
b39e98716029fad9961399c48c93dc20N.exe
-
Size
2.6MB
-
MD5
b39e98716029fad9961399c48c93dc20
-
SHA1
7863d214700f1dd6b8cb1b44fc2171a7e4f22771
-
SHA256
5a5278a67eac531f9b6c27e2410bf8c008ac9f5204672ec24862312b2d7a5dda
-
SHA512
e15b771de1629f9d532d2c33678f28af2c87e6aa66f7ce8156dab3d882114ae87eb229f4a962e0314cabea67798a42999c26fc1962b63d67d3d31e0c16198435
-
SSDEEP
49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB/B/bS:sxX7QnxrloE5dpUpcb
Score9/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-