General

  • Target

    2024-09-27_df44c7883fc2db59a608b25f68505560_magniber

  • Size

    10.1MB

  • Sample

    240927-v684psvgqf

  • MD5

    df44c7883fc2db59a608b25f68505560

  • SHA1

    9cab5ec761a0ad291830d757d3311c79e6e32ce6

  • SHA256

    42ad6ed09816deba48766084f7f5a2f8501d6816ab64b24150e2b27202d6db74

  • SHA512

    ec7c2aa2e100034fe18509baa1649dac9ce1d7bd0359944eea515ca511aee68c21db8f22f676b8ee840a3e27fa2b5c1bcc213f767757113c3ad82795ccef3b16

  • SSDEEP

    196608:Jdad4T0xcsSB5orrcbSsi0s/lmPJ7N3VvXWrqufezvq:/adCoXrlAJ7N3pXW2uGzy

Targets

    • Target

      2024-09-27_df44c7883fc2db59a608b25f68505560_magniber

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Blocklisted process makes network request

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
