General

  • Target

    620a2ea5c332a0569c93afd6f5b0d0e80630a3c3c2363d1f06516c25244d2edd

  • Size

    165KB

  • Sample

    240925-wffj5s1hph

  • MD5

    043b405145b4f79e81b3f4e407b1a401

  • SHA1

    f7c9842e2ca8e33a17ad083507672d568be764b2

  • SHA256

    620a2ea5c332a0569c93afd6f5b0d0e80630a3c3c2363d1f06516c25244d2edd

  • SHA512

    180794bc15d3626adad999f6a8b6a733f041e748c699622b46428811c7c58502bf1d131a02d02abcbc0ba8e5c0af6ef152a9a6b8e1592e36588674c687b4e626

  • SSDEEP

    3072:2MaY46tGNttyeQLYm1s99djmMGWBgh1002J8emEu3T7TO+9Z9sTOVrZzxVxU:H46tGdye41WYWBW1Wu3rOOuOVr8

Malware Config

Targets

    • Target

      620a2ea5c332a0569c93afd6f5b0d0e80630a3c3c2363d1f06516c25244d2edd

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks