Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
f79c90eda6c8ea21e60f6a8a707e758513e13e0081258606b0a4750a0af0e438
-
Size
3.8MB
-
Sample
220914-2b5lcsfcbj
-
MD5
ca940ba23a365839caa3091ce3d47219
-
SHA1
6becb2dc6f5230a66e2840d801d34034e0216c92
-
SHA256
f79c90eda6c8ea21e60f6a8a707e758513e13e0081258606b0a4750a0af0e438
-
SHA512
021abcfd4a524ec6c912f82a50d69582315f96773cdbbb2d2b723ffae6911eda31916d40fb1055cc3e3be57a109f6294fed76f735bf0bb3fdece38ed1acd50e9
-
SSDEEP
98304:sa/l7xGEPRfn8N/U7XXA5R/rNMH7N6DwHVSNlqk4WuJ:X/ldFPxn8K7nAXrN6VHklqk4/
Malware Config
Targets
-
-
Target
f79c90eda6c8ea21e60f6a8a707e758513e13e0081258606b0a4750a0af0e438
-
Size
3.8MB
-
MD5
ca940ba23a365839caa3091ce3d47219
-
SHA1
6becb2dc6f5230a66e2840d801d34034e0216c92
-
SHA256
f79c90eda6c8ea21e60f6a8a707e758513e13e0081258606b0a4750a0af0e438
-
SHA512
021abcfd4a524ec6c912f82a50d69582315f96773cdbbb2d2b723ffae6911eda31916d40fb1055cc3e3be57a109f6294fed76f735bf0bb3fdece38ed1acd50e9
-
SSDEEP
98304:sa/l7xGEPRfn8N/U7XXA5R/rNMH7N6DwHVSNlqk4WuJ:X/ldFPxn8K7nAXrN6VHklqk4/
Score8/10-
Blocklisted process makes network request
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-