General

  • Target

    b457f291369ba42e32b5eac7cd721d12d5aa943442be103749756bfdd06283af

  • Size

    149KB

  • Sample

    221021-da5yqshcd2

  • MD5

    4f47c6f97a61e28c251ccba05c7c9b86

  • SHA1

    4661d019647d28f9a7687f46ab9dfb25f52cc77c

  • SHA256

    b457f291369ba42e32b5eac7cd721d12d5aa943442be103749756bfdd06283af

  • SHA512

    225c0a388317a7f08d01af3fb974dce7d079176292224b6cda26fac5bd90910284cdf92a45eaf7f8473cea6caba5667b8d6d9bdf14dc57429b199105bcb6690a

  • SSDEEP

    3072:JTJK5SKcSNFcmTJK5cjMWoe0c8TilDcq15:JTJrRyWmTJh5yc8TO915

Malware Config

Targets

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Adds policy Run key to start application

    • Disables RegEdit via registry modification

    • Disables Task Manager via registry modification

    • Executes dropped EXE

    • Sets file execution options in registry

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks