General

  • Target

    f11c7bce06ba3ffcb49c370e81607da0N.exe

  • Size

    538KB

  • Sample

    240821-ynnltsxdre

  • MD5

    f11c7bce06ba3ffcb49c370e81607da0

  • SHA1

    43c21f0230ed183d9da37d68411dff6002bc8907

  • SHA256

    86e32debc724ab505081f11fd3fc8088cdf26654411053deb76a4aec3d7e665a

  • SHA512

    e59b0ba543ca9fa6b457f578481072745a4571f2cd3f351226ecaa513b6260e189cc5af9811d6f0c7373e3c9902b3ef632d8b6c9cae18663932697f4ec20f453

  • SSDEEP

    12288:/n8yN0Mr8ZJJw1jm0Uq+pnWHDiZPWho5hWcrIm+xM/EWGKWYuaP:vPuZJK1Kbgq+h2rdjWYb

Targets

    • Target

      f11c7bce06ba3ffcb49c370e81607da0N.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
