Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-09-27_df44c7883fc2db59a608b25f68505560_magniber
-
Size
10.1MB
-
Sample
240927-v684psvgqf
-
MD5
df44c7883fc2db59a608b25f68505560
-
SHA1
9cab5ec761a0ad291830d757d3311c79e6e32ce6
-
SHA256
42ad6ed09816deba48766084f7f5a2f8501d6816ab64b24150e2b27202d6db74
-
SHA512
ec7c2aa2e100034fe18509baa1649dac9ce1d7bd0359944eea515ca511aee68c21db8f22f676b8ee840a3e27fa2b5c1bcc213f767757113c3ad82795ccef3b16
-
SSDEEP
196608:Jdad4T0xcsSB5orrcbSsi0s/lmPJ7N3VvXWrqufezvq:/adCoXrlAJ7N3pXW2uGzy
Malware Config
Targets
-
-
Target
2024-09-27_df44c7883fc2db59a608b25f68505560_magniber
-
Size
10.1MB
-
MD5
df44c7883fc2db59a608b25f68505560
-
SHA1
9cab5ec761a0ad291830d757d3311c79e6e32ce6
-
SHA256
42ad6ed09816deba48766084f7f5a2f8501d6816ab64b24150e2b27202d6db74
-
SHA512
ec7c2aa2e100034fe18509baa1649dac9ce1d7bd0359944eea515ca511aee68c21db8f22f676b8ee840a3e27fa2b5c1bcc213f767757113c3ad82795ccef3b16
-
SSDEEP
196608:Jdad4T0xcsSB5orrcbSsi0s/lmPJ7N3VvXWrqufezvq:/adCoXrlAJ7N3pXW2uGzy
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
2Subvert Trust Controls
1Install Root Certificate
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1