Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ebfd53ae895e6020b4bb14ddfe6346ce35da6ba9f25ea398a3a30530d815671e
-
Size
11.1MB
-
Sample
240925-x1171sshjq
-
MD5
d6b171ebed01d2edd705fc21694e1a17
-
SHA1
f381f4c78d0004227a0bc23e92c391736755fd82
-
SHA256
ebfd53ae895e6020b4bb14ddfe6346ce35da6ba9f25ea398a3a30530d815671e
-
SHA512
21f8b9a17b17b93c1b4e87339f076b690ff8f00a1164d7c77703d8668120cd014a4f39a66deeb3704dd84b762b5fa2e9a08593e00093f5b9a9a17c8c7eedc59b
-
SSDEEP
98304:FdQb+0ChEPIGiq3y3vx+w9TbfjJ+kdfpK46Tle36jknz9Y:Fk+kIGv3y/x+KTbfjJ+kdnAlejY
Malware Config
Targets
-
-
Target
ebfd53ae895e6020b4bb14ddfe6346ce35da6ba9f25ea398a3a30530d815671e
-
Size
11.1MB
-
MD5
d6b171ebed01d2edd705fc21694e1a17
-
SHA1
f381f4c78d0004227a0bc23e92c391736755fd82
-
SHA256
ebfd53ae895e6020b4bb14ddfe6346ce35da6ba9f25ea398a3a30530d815671e
-
SHA512
21f8b9a17b17b93c1b4e87339f076b690ff8f00a1164d7c77703d8668120cd014a4f39a66deeb3704dd84b762b5fa2e9a08593e00093f5b9a9a17c8c7eedc59b
-
SSDEEP
98304:FdQb+0ChEPIGiq3y3vx+w9TbfjJ+kdfpK46Tle36jknz9Y:Fk+kIGv3y/x+KTbfjJ+kdnAlejY
Score8/10-
Drops file in Drivers directory
-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1