Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

eb97052899...72.exe

windows7-x64

10

eb97052899...72.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    25/09/2024, 03:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eb97052899bb8e9d32865a2b3269122252942286618387278279d792b13dfd72.exe

  • Size

    8.5MB

  • MD5

    8d53eb752c4c26795c3cc334c9a64611

  • SHA1

    f1a3d4a4a1110d616ad82bdb64d98b011adc00c7

  • SHA256

    eb97052899bb8e9d32865a2b3269122252942286618387278279d792b13dfd72

  • SHA512

    f501f8eee32ec863aa061be6fe07e382e38adeaa20b110792310f457af4591dec289145a7f10b6aa5023d5143e773312c5c5a4c078286d8604feb689db288e99

  • SSDEEP

    196608:qa+ZIGwdfbWgPfZ0nwsiBOCaepkvxEcBqc2xHFJLc04ylx40tk:mZIGwdfjhTsigHvxE9c2xH/crylx402

Score
10/10
hackbrowserdatainfostealer

Malware Config

Signatures

  • An open source browser data exporter written in golang. 6 IoCs
  • HackBrowserData

    An open source golang web browser extractor.

    infostealerhackbrowserdata
  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\eb97052899bb8e9d32865a2b3269122252942286618387278279d792b13dfd72.exe
    "C:\Users\Admin\AppData\Local\Temp\eb97052899bb8e9d32865a2b3269122252942286618387278279d792b13dfd72.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    PID:2480

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2480-6-0x0000000000C60000-0x000000000298E000-memory.dmp

    Filesize

    29.2MB

    Download

  • memory/2480-5-0x0000000000C60000-0x000000000298E000-memory.dmp

    Filesize

    29.2MB

    Download

  • memory/2480-10-0x000007FFFFBD0000-0x000007FFFFFA1000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/2480-11-0x0000000000C60000-0x000000000298E000-memory.dmp

    Filesize

    29.2MB

    Download

  • memory/2480-4-0x0000000000C60000-0x000000000298E000-memory.dmp

    Filesize

    29.2MB

    Download

  • memory/2480-8-0x0000000077BC0000-0x0000000077D69000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2480-7-0x0000000077C11000-0x0000000077C12000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2480-3-0x0000000000C60000-0x000000000298E000-memory.dmp

    Filesize

    29.2MB

    Download

  • memory/2480-2-0x0000000000C60000-0x000000000298E000-memory.dmp

    Filesize

    29.2MB

    Download

  • memory/2480-1-0x000007FFFFBD0000-0x000007FFFFFA1000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/2480-0-0x0000000000C60000-0x000000000298E000-memory.dmp

    Filesize

    29.2MB

    Download