General
-
Target
c44dc08a38e574bfba2e8ff7e0c95d6f4d26d0b041ad60df24cbf95d1be4e85b
-
Size
615KB
-
Sample
250328-mcvp8awqv2
-
MD5
0cccb7731df5885d0405e9243cc27186
-
SHA1
b4d00aac110acfbb3da657a57f3ba43c968f4c22
-
SHA256
c44dc08a38e574bfba2e8ff7e0c95d6f4d26d0b041ad60df24cbf95d1be4e85b
-
SHA512
ff6c364decbd3ec6d9c291e670839ff2537e7914fbd7dd8e85a363270c6a8609f3c1b72edac482d11f8749a17b4c5c007cd4f5917c7ada66cbb0f2f36fbf3099
-
SSDEEP
12288:YXvoWzJMd1MOqctASMZ6upAbyXjARtxldrK7mfk:W5zGYTwuebeIHk
Static task
static1
Behavioral task
behavioral1
Sample
c44dc08a38e574bfba2e8ff7e0c95d6f4d26d0b041ad60df24cbf95d1be4e85b.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c44dc08a38e574bfba2e8ff7e0c95d6f4d26d0b041ad60df24cbf95d1be4e85b.exe
Resource
win10v2004-20250314-en
Malware Config
Targets
-
-
Target
c44dc08a38e574bfba2e8ff7e0c95d6f4d26d0b041ad60df24cbf95d1be4e85b
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry: 1
Subvert Trust Controls: 1
Install Root Certificate: 1
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 1
Credentials In Files: 1