General

  • Target

    204c2f1c9a9445ca2194aecebff5a7eabd8502525659fb1f3783d7cbcca13831

  • Size

    66KB

  • Sample

    240921-smdgksyepb

  • MD5

    11935a78ac4590f052f45439b3c6810f

  • SHA1

    fcd8b21acc96ab3f498d53683e04e5c889a80817

  • SHA256

    204c2f1c9a9445ca2194aecebff5a7eabd8502525659fb1f3783d7cbcca13831

  • SHA512

    d0717631200a38ffb720152288d2692e0f43b16d4db49b01209b2f6b1bbdf6893ae1d29a4d6a450e150794c0dc307a8456ca2dea695fddb4c19c70397324562c

  • SSDEEP

    1536:PuPoaYzMXqtGNttyUn01Q78a4Rs2kKzs2Irj5hN:PhaY46tGNttyJQ7KRs2kKzQj5r

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
