General

  • Target

    83c5bfda45d9f36fdfc3f4fa6b0ef3c1512f0d613e19508fb29193dd3a25eae7

  • Size

    613KB

  • Sample

    221001-wppjeahga5

  • MD5

    61499478b9349400960eed4f38fe8d81

  • SHA1

    68db254441714cd70cb9f97b7eea2b7ad3ee4d24

  • SHA256

    83c5bfda45d9f36fdfc3f4fa6b0ef3c1512f0d613e19508fb29193dd3a25eae7

  • SHA512

    289384e4a8ff49a17d0e97add2eed7ae859d67ac6d8cb8819c4f4f0b5c49dd3eb6d7069080abe9ff9160a4beb8936b0e2ebf95d0c0a9cccfaea331be92018c2b

  • SSDEEP

    12288:Y5FXC1Hxfob9fzzQEmm9RNQBeAKcdIxIQsW8+AIWH2:Y5FeHxfob9fHQE57GE1XA

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
