General

  • Target

    2d6f723b9839621479baf29358634f10N.exe

  • Size

    515KB

  • Sample

    240821-hdhd3axhkk

  • MD5

    2d6f723b9839621479baf29358634f10

  • SHA1

    387a9f2845133a53a40a9db143b7332e80df8ae1

  • SHA256

    122647b0e0d506d90083df1b85b045bcdfe2865b7ed56f5841bf3923cb053686

  • SHA512

    adec58c00b406f00308a35cfa1b9046073c443e5b27e4eea0bab108c4f7f7e303c47d446dbd51e89deac807b95f48038c5f24b1c313fb47c08bc7fc3f408fe2c

  • SSDEEP

    12288:/n8yN0Mr8ZmkVyy2Vypm3MsS50ugfWaJexX6:vPuZmkVyy2uY7S5hV6

Targets

    • Target

      2d6f723b9839621479baf29358634f10N.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
