General

  • Target

    6f241333ac3da2b0f93e15fb204513e3d5e94b9e150f05ca019844ef600dcd98

  • Size

    119KB

  • Sample

    220919-sqd8aaacgp

  • MD5

    26347ee81af35240a73ac7b4aa91299a

  • SHA1

    2bcbab1de707e3eba7b44c97ac00bc68ca89462b

  • SHA256

    6f241333ac3da2b0f93e15fb204513e3d5e94b9e150f05ca019844ef600dcd98

  • SHA512

    a21adeb9933c4f37277dbd9007ab55123948b07ee92fcfffe791d248ee1cef88010fff35fbd930e4335a27909ed5e2584a6c2ecd733d7309dbedb80cadec92cc

  • SSDEEP

    3072:wBUOxNGh/uunr3/qGLcPmq3ldSvKwqoSeE:rOxNZunznRq3qywqr

Targets

    • Pony, Fareit

      Pony is a Remote Access Trojan application that steals information.

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
