General

  • Target

    2024-09-06_42de77abd175704c309043f30dce2cb5_mafia

  • Size

    5.2MB

  • Sample

    240906-awtk2sxbje

  • MD5

    42de77abd175704c309043f30dce2cb5

  • SHA1

    55b10e1f9358870c779c81d3a031dae986ef7518

  • SHA256

    3b77843763a39bcd34bed0bfeeb2f0d4b52a3ba2378935bddefd36f751814dfe

  • SHA512

    cddbddbe12daec4bcb59108587221b2804446b3dee3a713a405a0eabb844530a5eb466798075212026a35164a342a63f2b66d552c501f0d23d064e2a77b933fa

  • SSDEEP

    98304:3qEIrYsdTVS6yH/giRKMcekRDsCDnFk2HY5icmKa:hzsd09fgiANPDnnr6icmKa

Targets

    • Target

      2024-09-06_42de77abd175704c309043f30dce2cb5_mafia

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Checks for any installed AV software in registry
