General

  • Target

    Trojan.Autorun.ATA_virussign.com_dea34826f04f9e0e2843331b3a4fd645.exe

  • Size

    2.6MB

  • Sample

    240907-pknb8avapg

  • MD5

    dea34826f04f9e0e2843331b3a4fd645

  • SHA1

    9acb4e68c30db027e55f134d41e145aef6a1b135

  • SHA256

    1218159171e8b1be069c538486ec224e3bca76d7e396d4123a95074424f0e62f

  • SHA512

    506c90e4a638942ca496f21608ebc96ca62011903d2fa5177fd3423714c20bb2b2671fe858b54f1a43859cb1d32d0f86f188e08db9d7ad4b8a63f129e2b44754

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBUB/bS:sxX7QnxrloE5dpUpLb

Malware Config

Targets

    • Target

      Trojan.Autorun.ATA_virussign.com_dea34826f04f9e0e2843331b3a4fd645.exe

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks