General

  • Target

    49387e11c69e53ae0ee354a3949c8b3b6b33c795421c6bfdb0bfc143022d8d7d

  • Size

    66KB

  • Sample

    240921-r3gy9sxdme

  • MD5

    4fb487529015ff51edde64445286e1e1

  • SHA1

    b8f31ace306e77d368c647911da0c60009c14379

  • SHA256

    49387e11c69e53ae0ee354a3949c8b3b6b33c795421c6bfdb0bfc143022d8d7d

  • SHA512

    3ed32810cfbb5b2a7c86c0e959b35dad36b1df5fb125fe45787adc35939d582a19ec73c918fd073c6d4c17b8f5c470187af13cfe0d6ca1e1a5a1605610497631

  • SSDEEP

    768:2UmNHp+Vxr1x5cE9Fl5pz8w1rU9hFInlItvVhoEqzjQCyGleXNhyaBt6UkAkBJzz:2fpsrz8GvnGtvVfqzlledcTJzz

Malware Config

Targets

    • Target

      49387e11c69e53ae0ee354a3949c8b3b6b33c795421c6bfdb0bfc143022d8d7d

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks