General

  • Target

    c39e5fe6f279fece6ca9a8a4a36bb1d15a0b4f3c5852c1fa54844bcfb295485b

  • Size

    394KB

  • Sample

    240925-nbgmmssaqq

  • MD5

    6be32ec1c30996c185dea001877da11c

  • SHA1

    53486de5221213313e7efe53cf70e4d485b34d85

  • SHA256

    c39e5fe6f279fece6ca9a8a4a36bb1d15a0b4f3c5852c1fa54844bcfb295485b

  • SHA512

    42525c7a473545ce8ccb34210e95633138aaf36f73130d3fb5dc82e3e20435d2afb5cb3ee98afdc83cd29620070b9c69026bbcf8894a99315e2b142f0a01b0eb

  • SSDEEP

    6144:C46tGdye412P2zPVz7jUBs8hqcBCi6dbfra4erJlt9A+xX1oOAisEIWmGeNkfGuz:C3NbZahVy41

Malware Config

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
