General

  • Target

    015f263e759ee7d432477896b133e2e1.exe

  • Size

    1.7MB

  • Sample

    240821-hts6havflh

  • MD5

    015f263e759ee7d432477896b133e2e1

  • SHA1

    3d681383899c36f8b68f5dcd07467fe5500b62e2

  • SHA256

    78a447652c13652d61bab358c48f634e9c005d38d06e6f93ae260c7aa7236c57

  • SHA512

    2e16ca38d5e3b42711119471100a8d7b526302cf5ebe6e36d90c52c8f0b779393c66d58aaf0571c202f04aa2ffff602adf6940a843d29218ad68360a0a61333f

  • SSDEEP

    49152:JtGL2S0VHoPxdKRo2sTjgL9R2fk5RbMqhpFhjSpY:JtG63VOuo2E8LOCI2U

Targets

    • Target

      015f263e759ee7d432477896b133e2e1.exe

    • Size

      1.7MB

    • Loads dropped DLL

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses Microsoft Outlook profiles

    • Suspicious use of SetThreadContext
