General

  • Target

    bb4f9638dcfd17279a5d315ef8093511_JaffaCakes118

  • Size

    311KB

  • Sample

    240823-l8r4jaxhrf

  • MD5

    bb4f9638dcfd17279a5d315ef8093511

  • SHA1

    a299952df069203f18ff4ffd2b9daf2f1d039a9e

  • SHA256

    a87651cf3ffd7550018294c1b6a5c987f7f8bf29e205b82b31a76f518050b3fd

  • SHA512

    2e49f39edcb066cc5736c030af85d9fec24f3bf3ba95ebe8dd6fdb1a858d9587e4931ee2d659b9929650f8cbad6a00e512bd904cfd9796b1f9632296748f9a61

  • SSDEEP

    6144:LqGrfycuzMMN+3ORXCUHn3hkoOjuO4PdDP/g/Jzz2p:xxMNKOgw3sjuVdQBGp

Malware Config

Targets

    • Target

      PasswordScan.chm

    • Size

      16KB

    • MD5

      3f7288c20df47014c4b778e0f1f219f5

    • SHA1

      99c4b00ece8af21053ef0116197dc45fba063221

    • SHA256

      c2f425e829bd77eea1e2df5ab335a44c6607e4411e43a071f4cd9006c8c3d3ee

    • SHA512

      fad63afeda61f5ca2eea8d085223a3475a6a258b5ae4f355d49b84823f0c9bc18cfdbfd9e39f48e2c2581305070165c8945a61021ff3f92452faae70e3718d53

    • SSDEEP

      192:Pc1VvDl7tU6f/Q6DkDbrOYPnVCXW1nodP2Jd3jOj9a5KbgdvRSHji:Pcjdf3kjtd2inCIossbEsW

    • Score

      1/10

    • Target

      PasswordScan.exe

    • Size

      579KB

    • MD5

      9c1ffaf6015e5ed56a981cea5f0937a9

    • SHA1

      34e8b64c9cb5dacdca2e98cc4050fa7f3469b19a

    • SHA256

      32e9052bfcf8ebbe86164ef29e58b293b505c9101d1ee9c3bc04a508a3a9a7fc

    • SHA512

      4ce58f5bceb3b5efba44c0f53ea084a5538634a589c6b80aef7d86afe8629c0136d4478ec58e366ac5d192d344b1d3961bd0f8cafba391ce7c7d6d515d784065

    • SSDEEP

      12288:b2l6mBtnALzuOfPv3tzRSRnblGhCVRxFWxksg:qtnAmOfH3tVSRnJKCh49g

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks