General

  • Target

    Stremio+4.4.168.exe

  • Size

    112.9MB

  • Sample

    241001-yl3yqsxfpl

  • MD5

    763b10b7a9293ccc9307b650a01db702

  • SHA1

    b033764307a4df6cc81c654467630f2df67297ef

  • SHA256

    44ecc6a7624b2fdf03cb9b419f111892515fb036fe23f88e51456dce69066046

  • SHA512

    f6f8d0a78cfaa2c440567fc0e636ab6129c495991f679c93ae0b7e211d9e290e7d4628891fef35f0383662bc2237e21410dd849f1d6074a8994dfd8deeee5e0c

  • SSDEEP

    3145728:XddpqKUfzM8/I/6Uj2jDxXz8sGd1TiDlSugSbc+cYOsNCO1JTN:tdoK18wiucDZxG7TOlS/SI+JNCO19N

Targets

    • Target

      Stremio+4.4.168.exe

    • Size

      112.9MB

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      QtQuick/Controls/Private/EditMenu.qml

    • Size

      3KB

    • MD5

      b48053c0e232fde426daf51151b93da9

    • SHA1

      b981463d498e35d158630c2cf5def039f3d12621

    • SHA256

      46b63d90ff343644506d788c6eeeb99956f55a6cbe297ddd998fc7438196b968

    • SHA512

      6e7e9bbb3d4c5b4ac10bd188dcc9463e1a60a3617ded2db0c808a68464c63f1a63b62ebf94bfb3bac60de58c55f3d903d3ef672e95a4769ca670f597ff94ff4a

    Score
    1/10
    • Target

      QtQuick/Controls/Private/EditMenu_base.qml

    • Size

      5KB

    • MD5

      f65418d60c05cf3322abafc6fa1412cf

    • SHA1

      e87102845baf8ffc20c44c9f34ca2a5da2e61735

    • SHA256

      076e471444b7a512d0d19f39b6dc836f7a50d5049059cb26a0aeccccdef55439

    • SHA512

      917bee82351c03538a9afc47c259ff84a3d93fc0114fe9002a62b65eb7acad1abe50713d656231b65273114bae5359c311ccc0894e0a1dc5c8824febe0f73e06

    • SSDEEP

      96:KogUldGcQWa40S3uK3eVoqtWo+DPLrHQLhFAP06iM1p8:KtcGBbF2MWT3HADAdiM1G

    Score
    1/10
