General

  • Target

    f0d26d73b326478c0805de8f1c46da495ddd13d9de0dab8ca865b969032d2345

  • Size

    500KB

  • Sample

    221027-f8kfssbaa3

  • MD5

    b625b87a9dfdc345d226e913f9f95d77

  • SHA1

    6a46bf2364024c654a0a7ee5108a0b58414df2bf

  • SHA256

    f0d26d73b326478c0805de8f1c46da495ddd13d9de0dab8ca865b969032d2345

  • SHA512

    855f4c682f37dd9ff9395d699410d14528971795caeb9af80015ceb5948eee19c00ab6dd5d6d92be664197a4cf8f8310fab7966be15f2a791e357abb70c1cbd0

  • SSDEEP

    6144:qa+tnVAIV+k9xHJyfJ4+dIE4n9xrH/vlWBRdLbyx68pjdVym/OyIOSbCCCCCC:q5tnGIV+kO1dIE4n3rlYFGx68NdV5Id

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops file in System32 directory
