Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c20d58731ea9f8d62c0e7d5c47810d795e1342aa334d97ac0e9742218e29bc9e
-
Size
5.7MB
-
Sample
241004-dpeebs1eql
-
MD5
40f7b3ec38608ed7c4c95b51991d9d51
-
SHA1
d3065aa488142c6d88908507a30ccd9f2de2abb0
-
SHA256
c20d58731ea9f8d62c0e7d5c47810d795e1342aa334d97ac0e9742218e29bc9e
-
SHA512
62ba4b506e5dca8026b22fb9c48aea154994ce65bb6b027a1c1389404ac13ad05e65af3b6bbfe4daa463680a0571f1ee530b9256073152aa301f75c61ec8ca75
-
SSDEEP
49152:Hd+Pv94AEsKU8ggw1g+1CART5eBiyKS3EI3wybn20DCYIHvc8ixuZm9+fWsw6dTP:HdAKUgTH2M2m9UMpu1QfLczqssnKSk
Malware Config
Targets
-
-
Target
c20d58731ea9f8d62c0e7d5c47810d795e1342aa334d97ac0e9742218e29bc9e
-
Size
5.7MB
-
MD5
40f7b3ec38608ed7c4c95b51991d9d51
-
SHA1
d3065aa488142c6d88908507a30ccd9f2de2abb0
-
SHA256
c20d58731ea9f8d62c0e7d5c47810d795e1342aa334d97ac0e9742218e29bc9e
-
SHA512
62ba4b506e5dca8026b22fb9c48aea154994ce65bb6b027a1c1389404ac13ad05e65af3b6bbfe4daa463680a0571f1ee530b9256073152aa301f75c61ec8ca75
-
SSDEEP
49152:Hd+Pv94AEsKU8ggw1g+1CART5eBiyKS3EI3wybn20DCYIHvc8ixuZm9+fWsw6dTP:HdAKUgTH2M2m9UMpu1QfLczqssnKSk
Score8/10-
Drops file in Drivers directory
-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1