General

  • Target

    24f24e0d301c497421da5b326fad07b25ed8119af370b44c0d9dfa42ccd3df6e

  • Size

    725KB

  • Sample

    221030-cjjw7ahbbk

  • MD5

    a2dfd457a2aa30671d19ba61d9f36060

  • SHA1

    e8ee0b1eec7e5fd264fbdf6e81925b779a3a7495

  • SHA256

    24f24e0d301c497421da5b326fad07b25ed8119af370b44c0d9dfa42ccd3df6e

  • SHA512

    7c09390d2ffa620e007e715803f192ce1af22029afb0645e2a487fabf4d5d1aeb4b34465fc9731bd82b88123948d3652d7fd158dc6ce71482a4cee505b9c4c76

  • SSDEEP

    12288:FcSyKHAjTtHerfrcoqChfprOlkYRpufZwyV9mOAH1cpJVze1pZKO7erzduNGXfeR:Z4H5xChfpUaheUniXe/oNGXfe393Faa3

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • UAC bypass

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read browser profile data, which can include saved credentials, cookies and autofill entries.

    • Adds Run key to start application

    • Drops file in System32 directory
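
Three of the behaviours above (the Winlogon change, the Explorer HideFileExt change and the Run key) are plain registry writes, so the natural host-side check is a rule over Sysmon Event ID 13 (RegistryEvent, value set). The script below is an added example, not code from tria.ge or from this report; it runs over a handful of constructed, pipe-flattened Sysmon records (real Sysmon writes XML; the flattening and the sample paths such as C:\Users\Public\payload.exe are assumptions for the example, not indicators from this sample). It flags a Winlogon Shell or Userinit value that differs from the Windows default, HideFileExt set to 1, and any new value under a Run or RunOnce key, and leaves default-restoring writes alone.

```python
"""Flag registry writes matching the persistence and Explorer-tampering behaviours
listed in the report, over Sysmon Event ID 13 (RegistryEvent: value set) records."""
import re
from dataclasses import dataclass

# Winlogon Shell/Userinit: any value other than the Windows default is suspicious.
WINLOGON_RE = re.compile(
    r"^HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\(Shell|Userinit)$",
    re.I)
# Per-user (HKU\<SID>\Software) or machine-wide Run/RunOnce value.
RUN_RE = re.compile(
    r"^(?:HKLM\\SOFTWARE|HKU\\[^\\]+\\Software)(?:\\Wow6432Node)?"
    r"\\Microsoft\\Windows\\CurrentVersion\\Run(?:Once)?\\[^\\]+$", re.I)
# Explorer setting that hides file extensions (a .pdf.exe then shows as .pdf).
HIDE_EXT_RE = re.compile(
    r"^HKU\\[^\\]+\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\HideFileExt$",
    re.I)

WINLOGON_DEFAULTS = {
    "shell": "explorer.exe",
    "userinit": r"c:\windows\system32\userinit.exe,",
}


@dataclass
class Finding:
    behaviour: str
    image: str
    target: str
    details: str


def parse_event(line: str) -> dict:
    """Split one flattened 'Field=Value|Field=Value' Sysmon record into a dict."""
    fields = {}
    for part in line.split("|"):
        key, _, value = part.partition("=")
        fields[key.strip()] = value.strip()
    return fields


def dword_value(details: str):
    """Sysmon renders DWORD data as 'DWORD (0x00000001)'; return it as an int."""
    m = re.fullmatch(r"DWORD \(0x([0-9A-Fa-f]{8})\)", details)
    return int(m.group(1), 16) if m else None


def classify(ev: dict):
    """Map one registry-set event to a report behaviour, or None if benign."""
    if ev.get("EventID") != "13":
        return None
    target, details, image = ev.get("TargetObject", ""), ev.get("Details", ""), ev.get("Image", "")
    m = WINLOGON_RE.match(target)
    if m:
        if details.lower() != WINLOGON_DEFAULTS[m.group(1).lower()]:
            return Finding("Modifies WinLogon for persistence", image, target, details)
        return None  # value written back to its default
    if HIDE_EXT_RE.match(target) and dword_value(details) == 1:
        return Finding("Modifies visibility of file extensions in Explorer", image, target, details)
    if RUN_RE.match(target):
        return Finding("Adds Run key to start application", image, target, details)
    return None


def scan(lines):
    return [f for f in (classify(parse_event(l)) for l in lines if l.strip()) if f]


# Constructed records for the example; paths and SID are hypothetical.
SAMPLE_EVENTS = [
    r"EventID=13|EventType=SetValue|Image=C:\Users\user\AppData\Local\Temp\sample.exe"
    r"|TargetObject=HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell"
    r"|Details=explorer.exe, C:\Users\Public\payload.exe",
    r"EventID=13|EventType=SetValue|Image=C:\Users\user\AppData\Local\Temp\sample.exe"
    r"|TargetObject=HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt"
    r"|Details=DWORD (0x00000001)",
    r"EventID=13|EventType=SetValue|Image=C:\Users\user\AppData\Local\Temp\sample.exe"
    r"|TargetObject=HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater"
    r"|Details=C:\Users\Public\payload.exe",
    # Benign: default Shell value rewritten, HideFileExt turned off, and a key creation (ID 12).
    r"EventID=13|EventType=SetValue|Image=C:\Windows\explorer.exe"
    r"|TargetObject=HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell|Details=explorer.exe",
    r"EventID=13|EventType=SetValue|Image=C:\Windows\explorer.exe"
    r"|TargetObject=HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt"
    r"|Details=DWORD (0x00000000)",
    r"EventID=12|EventType=CreateKey|Image=C:\Windows\explorer.exe"
    r"|TargetObject=HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run",
]

if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS):
        print(f"{f.behaviour}: {f.image} -> {f.target} = {f.details}")
```

The Winlogon rule compares against the stock default rather than looking for a known bad value, because the report only tells us the key was modified, not what was written; a kiosk or custom-shell build will need its own allow-list. The SID-bearing HKU prefix is how Sysmon reports HKCU writes, so the HideFileExt and per-user Run patterns match on HKU\<SID>\Software rather than HKCU.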

MITRE ATT&CK Enterprise v6
