General

  • Target

    SetLoader.small.bin.zip

  • Size

    3.0MB

  • Sample

    240823-lam2xsyclj

  • MD5

    77ab0f81579b7f22a0a7e3e3fcc3a06f

  • SHA1

    5872491375df8710e45e22bd4f6b51f523ff20c3

  • SHA256

    495b05b6f2faa5294f00e3d891a137e0f3f2a34430055030b002438aa29fbd99

  • SHA512

    abe7fc469680ec0b2d603a93724e482523fdf16ecd409b105b4265d8509791aedd53cfa2fd4e406736fbdc322539e01efcf4cfdd572680066aef2ee1bb5f6037

  • SSDEEP

    98304:WlLCDBO7sZS0fENjE/1BI/VtMJbRaDm2W:6CD8sYgyI/jI//M+FW

Malware Config

Targets

    • Target

      SetLoader.small.bin

    • Size

      6.2MB

    • MD5

      0ea7c6316dd45ced14dbd5b06dfb2098

    • SHA1

      6a53d81c044117204b5d256aeb121fa77ee23e78

    • SHA256

      719b18a62ffd20ee2ac96d12cdb6a961469e00bed11255e1ce616f8747239bde

    • SHA512

      1e934d7da30a5357f9715395b0c320fe59a32b3cf3ea298d410bb2d359fe397e34e45e792a0d189412bbc90970384d6dcfa46a6facbe570d42125a9c4113dcb2

    • SSDEEP

      49152:gLnlZDQmTSiQb4N+rgzs5/cS3S7EI05pb2OiYbil7wOdmftCQor+gEu5+HDjlI3W:gbHfYb7EmfQ+gNICEvZ5

    • DeerStealer

      Detects DeerStealer malware - JaffaCakes118.

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks