Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    d781c6cc95f4b995adc4c996a32fc6072d21e947f69c9d7ef1ac09650ac46808

  • Size

    307KB

  • Sample

    221011-axy7xsfge6

  • MD5

    7a94b174414736f01e16901655337098

  • SHA1

    15af50e4231263d8959a61b4ed4bf5e3be5d3d09

  • SHA256

    d781c6cc95f4b995adc4c996a32fc6072d21e947f69c9d7ef1ac09650ac46808

  • SHA512

    e8f39205d4cfd20b0aa475b3a6f051738c09658e0ef526d1eb0b2716a1ed09402554dd693e10df9191fa8bbc481a0911b172c4be612d808db1e10789928d3184

  • SSDEEP

    6144:QXQP2B++PxQZDFZHnSMagSqNGb2/g4OZInzepIao:4DB+kxehaJqqpazx

Malware Config

Targets

    • Target

      d781c6cc95f4b995adc4c996a32fc6072d21e947f69c9d7ef1ac09650ac46808

    • Size

      307KB

    • MD5

      7a94b174414736f01e16901655337098

    • SHA1

      15af50e4231263d8959a61b4ed4bf5e3be5d3d09

    • SHA256

      d781c6cc95f4b995adc4c996a32fc6072d21e947f69c9d7ef1ac09650ac46808

    • SHA512

      e8f39205d4cfd20b0aa475b3a6f051738c09658e0ef526d1eb0b2716a1ed09402554dd693e10df9191fa8bbc481a0911b172c4be612d808db1e10789928d3184

    • SSDEEP

      6144:QXQP2B++PxQZDFZHnSMagSqNGb2/g4OZInzepIao:4DB+kxehaJqqpazx

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks