General

  • Target

    5196f086e2d24d9c6cd3b444916cd6c626dfe5aa899ff77dad6ee825a2afa6c6

  • Size

    1.0MB

  • Sample

    221003-2l8e1aafc4

  • MD5

    402964b5c4408ffdbd1344e5f7b803ef

  • SHA1

    b1c5e852987b48056b3afd912bf1c75436acde0f

  • SHA256

    5196f086e2d24d9c6cd3b444916cd6c626dfe5aa899ff77dad6ee825a2afa6c6

  • SHA512

    21c2912e0341bfc91698a5630a008aa28950c09f03466cac0f0bf09e4403fce5f12489a530841ce0f829c927036476b2770b7e11ecf5bdd6aa195883f21a453e

  • SSDEEP

    24576:i9r+hGQ9e+PWfpbNVoxYrbjjeA2iIoTKR/hTuqXoG:a+hGQ9ZPWfNoajedichTRXj

Malware Config

Targets

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext
