Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    80965b44d705b5cc644160777d8e3cb0N.exe

  • Size

    2.6MB

  • Sample

    240906-blc1zsxhmn

  • MD5

    80965b44d705b5cc644160777d8e3cb0

  • SHA1

    8c437db70779fbc40b86ff837e1f40dc1c7a539d

  • SHA256

    c3b369a69848da75bc31098a6a4f24b036c2fcc9634f17451f06cbe213ef0f9f

  • SHA512

    48f4fae9874dba2d3d9525e069ee139ea17b55c3c8bf592b466efa1ad5aeee482876a9c813dfb05ff227df5b45820754c0afc5a0d2443223f36a2f6eccba70d9

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBPB/bS:sxX7QnxrloE5dpUp4b

Malware Config

Targets

    • Target

      80965b44d705b5cc644160777d8e3cb0N.exe

    • Size

      2.6MB

    • MD5

      80965b44d705b5cc644160777d8e3cb0

    • SHA1

      8c437db70779fbc40b86ff837e1f40dc1c7a539d

    • SHA256

      c3b369a69848da75bc31098a6a4f24b036c2fcc9634f17451f06cbe213ef0f9f

    • SHA512

      48f4fae9874dba2d3d9525e069ee139ea17b55c3c8bf592b466efa1ad5aeee482876a9c813dfb05ff227df5b45820754c0afc5a0d2443223f36a2f6eccba70d9

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBPB/bS:sxX7QnxrloE5dpUp4b

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks