General

  • Target

    spiggisteinnigger.exe

  • Size

    16.3MB

  • Sample

    241025-ze9y5sslbw

  • MD5

    419ee3446b70ff1b68b9ff94da570464

  • SHA1

    658a6634d621153d2114c7a6dabc500da65085cc

  • SHA256

    420dc93f6e9eb6fde5fb2394b2f64dca11c39fa375abd2c9d58b80ad712af059

  • SHA512

    fa3d07fd28af0a4fdb0a7f21748607edd6f1e816ac4c7039640b651cad9b0262c293c70d916527d460693c0414c61700465c7cd0c6be4a0f16fd6e8cf73f350d

  • SSDEEP

    393216:t2Lj7hLztByxj+0+7/pWom5RAZkH0heIWHpvM57/mwK+/Hz:AztAj+0+7/pWzckUzAeT

Malware Config

Targets

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks