Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

2f48478d6e...8N.exe

windows7-x64

10

2f48478d6e...8N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2f48478d6e129ed9b142eec7b8d2063f85e8296bfbaca5a1da8ebea26e344958N

  • Size

    5.0MB

  • Sample

    241005-gtlkzszbjn

  • MD5

    83fcb5ac7f852a8c55ecad65d83e8450

  • SHA1

    72504900c20f1c186fb582867392caf31dabc545

  • SHA256

    2f48478d6e129ed9b142eec7b8d2063f85e8296bfbaca5a1da8ebea26e344958

  • SHA512

    1c1abc3c9d3ebbf5577090fc506513cfdcb08544a8e4e12a4f881f8db4b5c52966590a8dd4a26f8d9ceba2f26241d19f597633a1aa28fa783f56700a6db270a2

  • SSDEEP

    24576:qIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII3:

Score
10/10
discoverypersistencespywarestealer

Malware Config

Targets

    • Target

      2f48478d6e129ed9b142eec7b8d2063f85e8296bfbaca5a1da8ebea26e344958N

    • Size

      5.0MB

    • MD5

      83fcb5ac7f852a8c55ecad65d83e8450

    • SHA1

      72504900c20f1c186fb582867392caf31dabc545

    • SHA256

      2f48478d6e129ed9b142eec7b8d2063f85e8296bfbaca5a1da8ebea26e344958

    • SHA512

      1c1abc3c9d3ebbf5577090fc506513cfdcb08544a8e4e12a4f881f8db4b5c52966590a8dd4a26f8d9ceba2f26241d19f597633a1aa28fa783f56700a6db270a2

    • SSDEEP

      24576:qIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII3:

    Score
    10/10
    discoverypersistencespywarestealer

    • Modifies WinLogon for persistence

      persistence

    • Drops file in Drivers directory

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks