General

  • Target

    336785376728d96a0356873946e4eda0N.exe

  • Size

    1.2MB

  • Sample

    240822-yvdefaxhrk

  • MD5

    336785376728d96a0356873946e4eda0

  • SHA1

    bfdd80a40cb83bf9a6a70f254dc554a1541b838f

  • SHA256

    fc55f85e2be29b8813bf95b2b764c3a4dc4c9c0668c34a2edabb69c7ed497c2d

  • SHA512

    b9fdbd986842c09539ac450b8f7f786b65df466c6a8dae45fed4b343068cbfa29a4cb225a361b9c95449e8e6aacb0c07d2badee7e621d0cbb3b24854d564c80a

  • SSDEEP

    24576:oW8PF7O2Z3GOZussgZzYrL32+ZDdS9nCqXEJ+LqoModFvd1dIk7HLwv:V8PtJGqussgZkf3P+hZvdvIsO

Targets

    • Target

      336785376728d96a0356873946e4eda0N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
