General

  • Target

    e13acc8511ff9e1ba309e6aeb8c468da19ff3f5469c897ef57f02d30b4206c71N

  • Size

    796KB

  • Sample

    241025-26w8gawcqg

  • MD5

    5474328b0ce5dee5f045e6b9252daff0

  • SHA1

    61c228a3920ae2d398d24804267dbda62b17abe6

  • SHA256

    e13acc8511ff9e1ba309e6aeb8c468da19ff3f5469c897ef57f02d30b4206c71

  • SHA512

    0f42d49a326d9d1e2168aa70b65e7e4f0136455b6b8911e3d233fc16440a6afd604c6fdad48ef9bb78575b70b4e4c7546b6d8d57dd00b7ffc086f44f5802ada2

  • SSDEEP

    12288:j2JylsKTzsBeD53KoNw+bCUKklI9ufQ2XqJmrsZq4ZiohfzFq6h:j2JyxUBe95Nw+bJ3lI9uB/48Ubh

Targets

    • Target

      e13acc8511ff9e1ba309e6aeb8c468da19ff3f5469c897ef57f02d30b4206c71N

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, such as saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
