General

  • Target

    48475c5ce950d702ce347b51ae85cb3304fd3f527e0c4c100ee65089f025ec59

  • Size

    236KB

  • Sample

    241008-zy4aps1anh

  • MD5

    deb20d60b52959364914c86deb3bd21b

  • SHA1

    2b1139b0d7d2c7b8c5057a137cb473c21db3352b

  • SHA256

    48475c5ce950d702ce347b51ae85cb3304fd3f527e0c4c100ee65089f025ec59

  • SHA512

    034106a52a8ccede36886206ce116d52b892205a1b079b0cc814a40743169913e448176e6e7f510c461d4a863fd7a499e09a20709c8d7d7a298672032e853f0a

  • SSDEEP

    6144:l5+SIkWrbACX2p6fGNgKAO0CFrf3x+aFSm:3+SCrbA62A+xy4rvx+aFSm

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.
