General

  • Target

    2024-10-25_7bb0a58dc028aebd78df071745761870_magniber

  • Size

    5.6MB

  • Sample

    241025-zfkqms1rbq

  • MD5

    7bb0a58dc028aebd78df071745761870

  • SHA1

    d589c86072262c88ce524f84f7ba5c1fc77a6b04

  • SHA256

    5ea4cf7c466b27381e9fe8c769a25675021b60da1b2245bfcfb73e4f4ae185b3

  • SHA512

    df00322223749e4ea951a882d82b2188e88f62ee980d42a261aa25abd86c97ba0cae7d4c1245cd7ff390580da6114e3175060c627555ee68ba1a59ff9c1d7b09

  • SSDEEP

    98304:P7M701RgX4iuSl1DtlEq81xZPGnzURnBh6gG4/QmvD/cTwY2h3F1P9yvMVV:jM7pTXexZPGzURnBh6gG4F+W3zUv4

Targets

    • Target

      2024-10-25_7bb0a58dc028aebd78df071745761870_magniber

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory
