Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

SetLoader.small.exe

windows7-x64

10

SetLoader.small.exe

windows10-1703-x64

10

SetLoader.small.exe

windows10-2004-x64

10

SetLoader.small.exe

windows11-21h2-x64

10

Analysis

  • max time kernel
    134s
  • max time network
    140s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    23/08/2024, 09:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SetLoader.small.exe

  • Size

    6.2MB

  • MD5

    0ea7c6316dd45ced14dbd5b06dfb2098

  • SHA1

    6a53d81c044117204b5d256aeb121fa77ee23e78

  • SHA256

    719b18a62ffd20ee2ac96d12cdb6a961469e00bed11255e1ce616f8747239bde

  • SHA512

    1e934d7da30a5357f9715395b0c320fe59a32b3cf3ea298d410bb2d359fe397e34e45e792a0d189412bbc90970384d6dcfa46a6facbe570d42125a9c4113dcb2

  • SSDEEP

    49152:gLnlZDQmTSiQb4N+rgzs5/cS3S7EI05pb2OiYbil7wOdmftCQor+gEu5+HDjlI3W:gbHfYb7EmfQ+gNICEvZ5

Score
10/10
credential_accessdiscoveryspywarestealer

Malware Config

Signatures

  • DeerStealer 15 IoCs

    Detects DeerStealer malware - JaffaCakes118.

    stealer
  • Credentials from Password Stores: Credentials from Web Browsers 1 TTPs

    Malicious Access or copy of Web Browser Credential store.

    credential_accessstealer
  • Reads WinSCP keys stored on the system 2 TTPs

    Tries to access WinSCP stored sessions.

    spywarestealer
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SetLoader.small.exe
    "C:\Users\Admin\AppData\Local\Temp\SetLoader.small.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:204

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/204-0-0x0000000002750000-0x0000000002751000-memory.dmp

    Filesize

    4KB

    Download

  • memory/204-9-0x0000000002E00000-0x0000000003013000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/204-12-0x0000000140000000-0x000000014027E000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/204-18-0x0000000140000000-0x000000014027E000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/204-17-0x0000000140000000-0x000000014027E000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/204-16-0x0000000140000000-0x000000014027E000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/204-15-0x0000000140000000-0x000000014027E000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/204-14-0x0000000140000000-0x000000014027E000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/204-13-0x0000000140000000-0x000000014027E000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/204-1-0x0000000140000000-0x000000014027E000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/204-19-0x0000000140000000-0x000000014027E000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/204-20-0x0000000140000000-0x000000014027E000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/204-27-0x0000000140000000-0x000000014027E000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/204-29-0x0000000002750000-0x0000000002751000-memory.dmp

    Filesize

    4KB

    Download

  • memory/204-30-0x0000000002E00000-0x0000000003013000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/204-31-0x0000000000400000-0x0000000000A38000-memory.dmp

    Filesize

    6.2MB

    Download

  • memory/204-36-0x00007FFBDAF85000-0x00007FFBDAF86000-memory.dmp

    Filesize

    4KB

    Download

  • memory/204-35-0x0000000140000000-0x000000014027E000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/204-38-0x0000000140000000-0x000000014027E000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/204-40-0x0000000140000000-0x000000014027E000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/204-45-0x00007FFBDAEE0000-0x00007FFBDB0BB000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/204-46-0x0000000140000000-0x000000014027E000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/204-47-0x0000000140000000-0x000000014027E000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/204-57-0x00007FFBDAEE0000-0x00007FFBDB0BB000-memory.dmp

    Filesize

    1.9MB

    Download