General

  • Target

    2949df50691624e3a64635fbf690527e245d5c83dd3bd8f000f34447a6386ba2

  • Size

    17.9MB

  • Sample

    241117-v61gkatraz

  • MD5

    61b5a3066bcf661f69b9e362ef1a1f8c

  • SHA1

    bc6701f2a76cb5db3ea27371240b7e295382d29c

  • SHA256

    2949df50691624e3a64635fbf690527e245d5c83dd3bd8f000f34447a6386ba2

  • SHA512

    641aacd33f4d73f5d488d1799159832b423c0025b9916ac3c5a484b57fa4da1ce270d7cc5f7d428ab03d1aa9791995a86af496f68417612a55bb5ad6e06b14b0

  • SSDEEP

    393216:dqPnLFXlrzQMDOETgsvfGjg+lPvEny38cdwAqo:kPLFXNzQRECJlUFc8o

Malware Config

Targets

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks
