General

  • Target

    7e42cde5097c4137af5d193692c1056eb689ddd8187b4d6764946fed03e996b9

  • Size

    726KB

  • Sample

    221030-178r8adhdm

  • MD5

    a0ea30310662f37c50143fc5da86ab50

  • SHA1

    e6170b6d05bec582849afbb49275f764b7a651b9

  • SHA256

    7e42cde5097c4137af5d193692c1056eb689ddd8187b4d6764946fed03e996b9

  • SHA512

    7c7dd96ef91b6316780dfe0b644bba0cf6f2850be7e3695580a721373f649a19d851f1603884a2d95cb95c8d91259ab8e2a51c17877e6db35e535fba11a09300

  • SSDEEP

    12288:VViQhHm3ri9An07OAoaK89JH4Q7h6rY0cNy/WBfcU1RTcr70i1UHmdEib6vlP:VsuHBO0CAH4EIrCy/WBRwr73pEibk

Targets

    • Target

      7e42cde5097c4137af5d193692c1056eb689ddd8187b4d6764946fed03e996b9

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • UAC bypass

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops file in System32 directory
