General

  • Target

    2025-01-13_69fff9988e7b9bedbf97c7fe86aaedb3_mafia

  • Size

    255KB

  • Sample

    250113-ymcg6swkdy

  • MD5

    69fff9988e7b9bedbf97c7fe86aaedb3

  • SHA1

    2e04fc1efcfd2ac785b135b104fb28f976c49f90

  • SHA256

    b314b729c67fb92c264618c1741443b6201b349932041372ce0205969b6c46d9

  • SHA512

    f76300d766fe00723c3212db77e64307abcf508b51da33c1c3b1a6c092544da40fc768730b6554808f40e052714c8f6994919de0edb981e48b856d2f9ef45f09

  • SSDEEP

    6144:WIq711Oow5xWvat2GcbFjB4QxcEvdrk82bLlM4mcd6:WIqn7w5xWV1dWQOEdrk8sL+4mcd6

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • Kpot family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself
