Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    b721cda796355822135677cd008513b0N.exe

  • Size

    2.6MB

  • Sample

    240905-hh8rtawcka

  • MD5

    b721cda796355822135677cd008513b0

  • SHA1

    a29a3537f0ef3f24c91697a1a97a4cbbc61e5456

  • SHA256

    52a4b7ac73f100099b6bb3c6c82ffe809cf851880cd9a66edbde74ef3149b71b

  • SHA512

    4eafc3171d0b9eea0ff93fef1bf8392caa3d2f90072268ee5aa292030e0bb0dad73911bc5cb060219a8c7705589b6a661da207579c05d115981b496f72523f55

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB0B/bS:sxX7QnxrloE5dpUpjb

Malware Config

Targets

    • Target

      b721cda796355822135677cd008513b0N.exe

    • Size

      2.6MB

    • MD5

      b721cda796355822135677cd008513b0

    • SHA1

      a29a3537f0ef3f24c91697a1a97a4cbbc61e5456

    • SHA256

      52a4b7ac73f100099b6bb3c6c82ffe809cf851880cd9a66edbde74ef3149b71b

    • SHA512

      4eafc3171d0b9eea0ff93fef1bf8392caa3d2f90072268ee5aa292030e0bb0dad73911bc5cb060219a8c7705589b6a661da207579c05d115981b496f72523f55

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB0B/bS:sxX7QnxrloE5dpUpjb

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks