General

  • Target

    7a5735e4c32e58f8e147ada740eebb77f9c2da5b7e86b0504d4bc2d3d28b0ac3

  • Size

    1.5MB

  • Sample

    221001-2ht37sach4

  • MD5

    71fffd8198a6d53bca7199df97479a30

  • SHA1

    11943267079d77d113ea40fb4f44338ccb3aafc8

  • SHA256

    7a5735e4c32e58f8e147ada740eebb77f9c2da5b7e86b0504d4bc2d3d28b0ac3

  • SHA512

    2498676f2f043969caff91d76a255d4ad1f2cb3591578cc7ad8593c22d1bf73cdae17e19e038500ecb9fce29726ce9ae7ce4e14ec3b24e87fef9a9181c3bfb06

  • SSDEEP

    24576:Yurw30PT1MadZMu+Zghv1dHNNLi/uagjbJft4cyekxY+aKBK4PMl7ie+IxsC+Tl:YAi0pZP+Z8PNQ/6PkRc4PMlme+G+Tl

Malware Config

Targets

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive profile information.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks