Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

1df4b56240...72.exe

windows7-x64

9

1df4b56240...72.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1df4b562406c3dc156ba80a3ffa8c03eca539d4e737a63dcbc1eeb79a1e18472

  • Size

    2.6MB

  • Sample

    240921-xtgvssycjh

  • MD5

    e85314befe69377f737ca5192f3b16d3

  • SHA1

    f7dc6a51bb6c995449a5f31710cb76cd4ad72ba5

  • SHA256

    1df4b562406c3dc156ba80a3ffa8c03eca539d4e737a63dcbc1eeb79a1e18472

  • SHA512

    18b523766a99cb932ad2cf5b54ef19bcde64e864e83e04bae2d55ae4fdc65046049c1592d532c1f9824e6299081d86e982e0c293a12671e36ae4de6026c146e9

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBJB/bS:sxX7QnxrloE5dpUpmb

Score
9/10
credential_accessdiscoverypersistencespywarestealer

Malware Config

Targets

    • Target

      1df4b562406c3dc156ba80a3ffa8c03eca539d4e737a63dcbc1eeb79a1e18472

    • Size

      2.6MB

    • MD5

      e85314befe69377f737ca5192f3b16d3

    • SHA1

      f7dc6a51bb6c995449a5f31710cb76cd4ad72ba5

    • SHA256

      1df4b562406c3dc156ba80a3ffa8c03eca539d4e737a63dcbc1eeb79a1e18472

    • SHA512

      18b523766a99cb932ad2cf5b54ef19bcde64e864e83e04bae2d55ae4fdc65046049c1592d532c1f9824e6299081d86e982e0c293a12671e36ae4de6026c146e9

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBJB/bS:sxX7QnxrloE5dpUpmb

    Score
    9/10
    credential_accessdiscoverypersistencespywarestealer

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

      credential_accessstealer

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks