Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
  • submitted
    25/10/2024, 21:14

General

  • Target

    452733dc7e7cc2f2807f0b10cb6194899dc56fe0ed56140bf1bf53244c23b191.exe

  • Size

    92KB

  • MD5

    4cd82bdf6641b6bd80b73399ed6f97bb

  • SHA1

    666c9a05429d054df4f2672be12ba9caa457ac21

  • SHA256

    452733dc7e7cc2f2807f0b10cb6194899dc56fe0ed56140bf1bf53244c23b191

  • SHA512

    793026271da0fcb0e03fbb3d930ed04714b5a512243216450f23e9394f7e7e8338b6064c0aeb6aa8c66a9dfd859d2c4beaa71ff4b3f9ae4064ee6e5940e07dc4

  • SSDEEP

    1536:DHB0UxMkzOt7HcvJGt5AdHIOWnToIf12ZqTUgafoMSo:DhAWJGSCTBf12Z1g+oMS

Malware Config

Signatures

  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Drops file in System32 directory 64 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 64 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\452733dc7e7cc2f2807f0b10cb6194899dc56fe0ed56140bf1bf53244c23b191.exe
    "C:\Users\Admin\AppData\Local\Temp\452733dc7e7cc2f2807f0b10cb6194899dc56fe0ed56140bf1bf53244c23b191.exe"
    1⤵
    • Drops file in System32 directory
    • Drops file in Program Files directory
    • Drops file in Windows directory
    • System Location Discovery: System Language Discovery
    PID:2316

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads