General

  • Target: 111e86aacb8bd52339cdfff3cb8b4d34aba611f31edd26968048b6c087840d83
  • Size: 607KB
  • Sample: 221020-paa9xacggl
  • MD5: 731722135b0186ccbce4e924ec43ff70
  • SHA1: 4488df21de38e385e8942f317bf248743d2a854b
  • SHA256: 111e86aacb8bd52339cdfff3cb8b4d34aba611f31edd26968048b6c087840d83
  • SHA512: 5d9641302be7865957e223702bcbd9dc75303a04dbfb9709b72a758ebf015c606c3f61ae43616975e8fba63a29dd5e469133cef42f5c0d86e785b4b1a8e688fd
  • SSDEEP: 12288:nWUTFrf1wrylZCQn0EeZ9N242YaWOrjX/CUP/p1WxFLBxjxriEpQS:nWyFrfhAEdFWO/X/CwvWxFBxjxriEX

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • UAC bypass

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive user data.

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Drops file in System32 directory
