General

  • Target

    cce956f2f4c805f15d28d96174be5ee64685959a937a308e1145b50e9a85bad4

  • Size

    115KB

  • Sample

    240925-wg32tsyemp

  • MD5

    b0aedce6d28bec257ebbe0fc4aeda283

  • SHA1

    38c8de6feecd951b8d75ddd29d5dee11045d9def

  • SHA256

    cce956f2f4c805f15d28d96174be5ee64685959a937a308e1145b50e9a85bad4

  • SHA512

    062a925d65b0ca45781a932712389b34d985aea13850a54fce0c71737034c630dde83c9be6fb26332909e3534382e9e91acccb2b0fccf9ab1d1e4362d1051a2c

  • SSDEEP

    3072:2MaY46tGNttyeQLYm1D2ebrEFEIkJbHljDFEJK0u9y:H46tGdye41yebrESIkJbFjJAu4

Targets

    • Target

      cce956f2f4c805f15d28d96174be5ee64685959a937a308e1145b50e9a85bad4

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
