Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a680fb2851207f6606214c2bb266a46ad37afefa9df85dc43a7730fe14bfc177.exe.zip
-
Size
1.1MB
-
Sample
241012-w94ttszbjp
-
MD5
f65b34c0461d700e060119b099270bae
-
SHA1
1e7c6b81ca492525724e85cd06d120ec7b78d40a
-
SHA256
deb1ce58d16264befbb7ed46df903ae0dce6a28cd373bdd182f97bb3e1faedca
-
SHA512
de59ad1313aad04bb6afc0e095a1e879540ae58351972d51fd1ee37b5eba24a0256f476c43f3d73f7c1f2ea36d1f392e9b176fd0bc070d7bcee460ed97e308bb
-
SSDEEP
24576:ZfDCJiMUt+i4qhcaRwZ7v+LoUceIHsOh+sdqlVQ/c363gPTERfOGr/:ZfDCJQzPqVvj7u8q5vPARfOGr/
Malware Config
Targets
-
-
Target
a680fb2851207f6606214c2bb266a46ad37afefa9df85dc43a7730fe14bfc177.exe
-
Size
1.1MB
-
MD5
66310e73ba135067af9453c699a4c694
-
SHA1
330a52436c0294d2ead08f7b86b9091591f55878
-
SHA256
a680fb2851207f6606214c2bb266a46ad37afefa9df85dc43a7730fe14bfc177
-
SHA512
4893113b6fdf875b399fee26ca7153951fa5f84434e5de6504d5645657e9b8396efcdc72889dcc78ed49149434aa13e27006ea7855339f289e06781a7f20d49a
-
SSDEEP
24576:BEqS1t2qh4zwnOd30BQuO883eB/qeV5WYeXEncWFtDxk4rk:Gd6EYr88O9TDncWNk4rk
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates processes with tasklist
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
2Credentials In Files
2