General

  • Target

    Lucky_Fixed.exe

  • Size

    1.3MB

  • Sample

    250303-bdlcds1wbz

  • MD5

    22f9e047e9ad28833a7a9d0eae7751f6

  • SHA1

    8f917399d4c41039cb1936d088a527a6f6f668f8

  • SHA256

    61bca7ed28983ab20291d95eeda5bbc49d523af70ca6b448e86ccad5105a2bb9

  • SHA512

    208ee88d6557a97171d14b82f17aa2e88732367f2e7f36efb2b81ae99e3ebb7ae80dbd4cd9c86f082e2ceb7509e0ec4539dd49a8b3911fb4f7d3af64af8c035a

  • SSDEEP

    24576:ZqPvbuhZUTd8hhUF54clNf7+6uHAW92zt/sWu2BSMCqDoRX:qbKo54clgLH+tkWJ0NJ

Targets

    • Target

      Lucky_Fixed.exe

    • Detects Echelon Stealer payload

    • Echelon

      Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.

    • Echelon family

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
