Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Built.exe
-
Size
6.9MB
-
Sample
241014-s1rw5asbkb
-
MD5
66e88dc78d9c6525f7be9c474fa1bc25
-
SHA1
d95abacea71522ad1b787f8a3447404276f6b79e
-
SHA256
cbbccd19a4ac28994994dd8f115d602d17a0810fcd23f459b1ccadb60eb0dd75
-
SHA512
a4b97fa724aa0addae0f2414427ba4cbf02b2957fc43a030f117efc1d46e35a5ba505fffbef8912ab21317e210ea764de564515c4755bf431cbd1f1bd79abbb7
-
SSDEEP
98304:LeDjWM8JEE1rWamaHl3Ne4i3Tf2PkOpfW9hZMMoVmkzhxIdfXeRpYKJJcGhEIFWf:Le0PeNTfm/pf+xk4dWRptrbWOjgr
Behavioral task
behavioral1
Sample
Built.exe
Resource
win11-20241007-en
Malware Config
Targets
-
-
Target
Built.exe
-
Size
6.9MB
-
MD5
66e88dc78d9c6525f7be9c474fa1bc25
-
SHA1
d95abacea71522ad1b787f8a3447404276f6b79e
-
SHA256
cbbccd19a4ac28994994dd8f115d602d17a0810fcd23f459b1ccadb60eb0dd75
-
SHA512
a4b97fa724aa0addae0f2414427ba4cbf02b2957fc43a030f117efc1d46e35a5ba505fffbef8912ab21317e210ea764de564515c4755bf431cbd1f1bd79abbb7
-
SSDEEP
98304:LeDjWM8JEE1rWamaHl3Ne4i3Tf2PkOpfW9hZMMoVmkzhxIdfXeRpYKJJcGhEIFWf:Le0PeNTfm/pf+xk4dWRptrbWOjgr
-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Clipboard Data
Adversaries may collect data stored in the clipboard from users copying information within or between applications.
-
Loads dropped DLL
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Obfuscated Files or Information: Command Obfuscation
Adversaries may obfuscate content during command execution to impede detection.
-
Enumerates processes with tasklist
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Obfuscated Files or Information
1Command Obfuscation
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
3Credentials In Files
3