Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
13a7d99f039d8bea8659dfe66cd7c170N.exe
-
Size
2.6MB
-
Sample
240821-m5lb9avcpa
-
MD5
13a7d99f039d8bea8659dfe66cd7c170
-
SHA1
47f427b1a3b89bcc1370af11c0826642a4586485
-
SHA256
d36f1550867d993a3042cb7a1235fb4adb02cacdc7477f329985c3fb3d36f819
-
SHA512
1c9c26d2435de00aa2ad10068b77c55f216da624dc450fa870da18648989663ec4892c6dc504a6311bc3c89465bc3e71c72b60cf8950bbc341805c77cd383f3e
-
SSDEEP
49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBBB/bS:sxX7QnxrloE5dpUpab
Malware Config
Targets
-
-
Target
13a7d99f039d8bea8659dfe66cd7c170N.exe
-
Size
2.6MB
-
MD5
13a7d99f039d8bea8659dfe66cd7c170
-
SHA1
47f427b1a3b89bcc1370af11c0826642a4586485
-
SHA256
d36f1550867d993a3042cb7a1235fb4adb02cacdc7477f329985c3fb3d36f819
-
SHA512
1c9c26d2435de00aa2ad10068b77c55f216da624dc450fa870da18648989663ec4892c6dc504a6311bc3c89465bc3e71c72b60cf8950bbc341805c77cd383f3e
-
SSDEEP
49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBBB/bS:sxX7QnxrloE5dpUpab
Score9/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-