Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

a8daa92e55...0N.exe

windows7-x64

9

a8daa92e55...0N.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a8daa92e55bf522c3ea32db9e7b85a50N

  • Size

    3.1MB

  • Sample

    240911-mplcbawfld

  • MD5

    a8daa92e55bf522c3ea32db9e7b85a50

  • SHA1

    472806c86ca4f06f8f8115a764cc149ba64cfc29

  • SHA256

    6b6e925ef9c1740711034eee6ae66ca208d219b8fb8fb93b561070aec3e83a5b

  • SHA512

    10092873245de0933ac696aa0d7072ee81eaf78787a2f19eb98d58f908f36c66e60d84cef6dd174d318a64f55b4543bd8b7d04eaf2278a2e618e5b6672043cd3

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBPB/bSqz8b6LNXJqI20:sxX7QnxrloE5dpUp0bVz8eLFcz

Score
9/10
credential_accessdiscoverypersistencespywarestealer

Malware Config

Targets

    • Target

      a8daa92e55bf522c3ea32db9e7b85a50N

    • Size

      3.1MB

    • MD5

      a8daa92e55bf522c3ea32db9e7b85a50

    • SHA1

      472806c86ca4f06f8f8115a764cc149ba64cfc29

    • SHA256

      6b6e925ef9c1740711034eee6ae66ca208d219b8fb8fb93b561070aec3e83a5b

    • SHA512

      10092873245de0933ac696aa0d7072ee81eaf78787a2f19eb98d58f908f36c66e60d84cef6dd174d318a64f55b4543bd8b7d04eaf2278a2e618e5b6672043cd3

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBPB/bSqz8b6LNXJqI20:sxX7QnxrloE5dpUp0bVz8eLFcz

    Score
    9/10
    credential_accessdiscoverypersistencespywarestealer

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

      credential_accessstealer

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks