General

  • Target

    dbdc011d4b9e4aa241b067902c0719d6645250411bb31b9ac376b50e6627a387

  • Size

    268KB

  • Sample

    221008-wke46sfcdp

  • MD5

    10a68449db6c148bde2a91aec07b327a

  • SHA1

    4d2fb416ac5779af6a89116b2bb8b13181aee650

  • SHA256

    dbdc011d4b9e4aa241b067902c0719d6645250411bb31b9ac376b50e6627a387

  • SHA512

    d01d4245cc6689125b5fd65baf83c5749fb1392fbb09fe99763bada26c21af48025ad571be440b9e3c62c4c64edc3936742243fa2c37b753a313a68dfc774359

  • SSDEEP

    3072:AXK6qB+sjver8F/24XrIIHga5icStE9mPEd0jLQarqBqPuqHLCseYnM/h3qpZa96:0VqB+sjy4rIIwREdyUJLrsNnrwVfXQ

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Suspicious use of SetThreadContext
