General

  • Target

    9916257fef89c7a9962da8536cd868b0N

  • Size

    2.6MB

  • Sample

    240911-tgmzhazdrd

  • MD5

    9916257fef89c7a9962da8536cd868b0

  • SHA1

    0ba8ef9222931e78525baeba5622aa42fd3a86f8

  • SHA256

    18d9e6e4776e3b8b5a2eca7143cbc31e344387419f7d336ffbdba2c6f71346be

  • SHA512

    8d2cde92bfa66665c2c930c3aef640b8f5350a80e4a3a62b41896a74d72479971bddeed6fb46167e3df7273e0e1f3da8769e108aa7fb471f213564b89f94cb19

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBLB/bS:sxX7QnxrloE5dpUpUb

Malware Config

Targets

    • Target

      9916257fef89c7a9962da8536cd868b0N

    • Size

      2.6MB

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
