Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    image10.exe

  • Size

    13.9MB

  • Sample

    250221-3xb2lstncl

  • MD5

    03c69563828abbfc9707e1adb1366854

  • SHA1

    9db7241c232d9b38407e105554daf86279de2d84

  • SHA256

    487893698387b44f643279ef376f1ce510ac8f2f15feeb0df9d71bbe099dff2e

  • SHA512

    ed8255ac57df29a9c03d3175c4a24e19741b1e2527ac83c8f2ae40d7f1a85fe128ca11c6ec0131dc08f27c666f1a9c64ef5e9ad6d0b7b4b87f487e85b1675f60

  • SSDEEP

    196608:nm/lOqPnih8FXj+hYeB0sKYu/PaQhKDnO8NpHzgsAGKaRZtG7cpXtqlnRlm0ozl6:JqPnLFCjQ8DOETgsv/Gwv6nW0+rk

Malware Config

Targets

    • Target

      image10.exe

    • Size

      13.9MB

    • MD5

      03c69563828abbfc9707e1adb1366854

    • SHA1

      9db7241c232d9b38407e105554daf86279de2d84

    • SHA256

      487893698387b44f643279ef376f1ce510ac8f2f15feeb0df9d71bbe099dff2e

    • SHA512

      ed8255ac57df29a9c03d3175c4a24e19741b1e2527ac83c8f2ae40d7f1a85fe128ca11c6ec0131dc08f27c666f1a9c64ef5e9ad6d0b7b4b87f487e85b1675f60

    • SSDEEP

      196608:nm/lOqPnih8FXj+hYeB0sKYu/PaQhKDnO8NpHzgsAGKaRZtG7cpXtqlnRlm0ozl6:JqPnLFCjQ8DOETgsv/Gwv6nW0+rk

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks