General

  • Target

    aicoin-latestx64.exe.vir

  • Size

    156.8MB

  • Sample

    240826-feq2gswblf

  • MD5

    45933925afe12e9bc47661200085818b

  • SHA1

    29d1c227b3a30fc7b3a9d6d5a8fc249b2c1d4094

  • SHA256

    139c45fee905d4cb0d38140d76d4e954cde6ca22e78735cf996ad1eb45d0d4db

  • SHA512

    e179a59c0f3ff3ac89dfbf8fd62deb660067dcb794a64ad101296c3eb59309b0ba4776c223a6d1747de218bbe16ae97a7c8d6c69b3bbcd33361c074ac4817c7e

  • SSDEEP

    3145728:MblbdMCCtZIoxx0aC7Gum+p6rLsVr2yBDLJhzqjD4g/BbvL/SxDvBbjp:6lZCYov0aC7nzsr4VvOP4ub7SxDvpp

Targets

    • Target

      aicoin-latestx64.exe.vir

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
