General

  • Target

    2a9d596b21e6826d18e80009a181733c4e1a381341a17d73d7b4c1155a6260cf

  • Size

    770KB

  • Sample

    221030-3wwpmafch5

  • MD5

    a1a36cb461c870a314176e70b814ffc1

  • SHA1

    0454dd42926e3637ed36842fae4727ae6f36f18d

  • SHA256

    2a9d596b21e6826d18e80009a181733c4e1a381341a17d73d7b4c1155a6260cf

  • SHA512

    3983c7dd6b1662a63a3947586dfbae3102ff7936fbccfcd19d517fb7b79a1a0ac38e934453561392630d2dc593c71d8b9ea420daa74b1f544641b907985f3958

  • SSDEEP

    24576:FsqSroAupL8uSrOKMU6TT2GxvEEHWmMz6bLlxwFHy:FGD+LzGBzsNN6ifwdy

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
