Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
78023bdaf9f185ff21ad64a6af645fe56a0935c801f85731b8c3a85248e71bd4
-
Size
7.6MB
-
Sample
240914-mc639ayerj
-
MD5
0be4a2592f848a5781a73ee60fa20ba6
-
SHA1
85bf09a2f02d66e8aa03147c90f7edd404c8a6aa
-
SHA256
78023bdaf9f185ff21ad64a6af645fe56a0935c801f85731b8c3a85248e71bd4
-
SHA512
84b138f38e92a6ca5614a706dc8788ba218d7f4e0dde691dab18f1b9256def36475181f456435499a183336f5a385641d7d0b7401c22d42fe6ee5116796f0530
-
SSDEEP
98304:K0XCXkHTfN9Z+1jjw+giUMZCq6bFREzaOHSWLu4F:K0XCXkHTfN9QgirZC5YS
Malware Config
Targets
-
-
Target
78023bdaf9f185ff21ad64a6af645fe56a0935c801f85731b8c3a85248e71bd4
-
Size
7.6MB
-
MD5
0be4a2592f848a5781a73ee60fa20ba6
-
SHA1
85bf09a2f02d66e8aa03147c90f7edd404c8a6aa
-
SHA256
78023bdaf9f185ff21ad64a6af645fe56a0935c801f85731b8c3a85248e71bd4
-
SHA512
84b138f38e92a6ca5614a706dc8788ba218d7f4e0dde691dab18f1b9256def36475181f456435499a183336f5a385641d7d0b7401c22d42fe6ee5116796f0530
-
SSDEEP
98304:K0XCXkHTfN9Z+1jjw+giUMZCq6bFREzaOHSWLu4F:K0XCXkHTfN9QgirZC5YS
Score9/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-