Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    FusionAutoExecOnTSB.exe

  • Size

    16.8MB

  • Sample

    241013-mh5sdawgnj

  • MD5

    fa760e085c2e7ee00e5674837187e7c9

  • SHA1

    b706c67da08ae9c57db0c92704044ddb802fcd4d

  • SHA256

    af4090144e3ba6900af06c077663f379cd8eba5844718b10553f99e67e479f66

  • SHA512

    e494af589a16bfd4600d56afeb0da7b37de48179178cc2a6e9583086b4986ed092b7ccaa769cf7955c6e42c35d62b8131e7f4fd27dbfbbc4792ca404b1d16991

  • SSDEEP

    393216:pXb4YQhZ2YsHFUK2Jn1+TtIiFmY9Z8D8CclDNQhVCUTbmQLoSsF:RQZ2YwUlJn1QtI3a8DZcBojHL

Malware Config

Targets

    • Target

      FusionAutoExecOnTSB.exe

    • Size

      16.8MB

    • MD5

      fa760e085c2e7ee00e5674837187e7c9

    • SHA1

      b706c67da08ae9c57db0c92704044ddb802fcd4d

    • SHA256

      af4090144e3ba6900af06c077663f379cd8eba5844718b10553f99e67e479f66

    • SHA512

      e494af589a16bfd4600d56afeb0da7b37de48179178cc2a6e9583086b4986ed092b7ccaa769cf7955c6e42c35d62b8131e7f4fd27dbfbbc4792ca404b1d16991

    • SSDEEP

      393216:pXb4YQhZ2YsHFUK2Jn1+TtIiFmY9Z8D8CclDNQhVCUTbmQLoSsF:RQZ2YwUlJn1QtI3a8DZcBojHL

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.