General
-
Target
14b6b2ef72a4e0e4a28330aa401567ea89f39e029016267a83ae8850cbd5cb10N.exe
-
Size
945KB
-
Sample
250125-c8lgba1qey
-
MD5
66e2a63174869d2eac1b1873e0b78820
-
SHA1
83df596581fff25d38f419de5bdb96f434b70212
-
SHA256
14b6b2ef72a4e0e4a28330aa401567ea89f39e029016267a83ae8850cbd5cb10
-
SHA512
ca84ba22e7d53c41fc54e31eb95a1173030c52e8aa89f595086a97d41931756d2f5751e9f177219c0bb00fa6c690a5c06fe9db9a06fa2e7d587fb7eb8ca48a41
-
SSDEEP
24576:0YK4aYXMHVFhCz/jQHTP//LCcfyWAtBcPW:0YFaYXufsMz3//dAzcPW
Static task
static1
Behavioral task
behavioral1
Sample
14b6b2ef72a4e0e4a28330aa401567ea89f39e029016267a83ae8850cbd5cb10N.exe
Resource
win7-20240729-en
Malware Config
Targets
-
-
Target
14b6b2ef72a4e0e4a28330aa401567ea89f39e029016267a83ae8850cbd5cb10N.exe
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 1
Credentials In Files: 1