General

  • Target

    1e7e6eb6a7a733f131498cc030825ac908e1706294800d5f19252910c08b1300

  • Size

    562KB

  • Sample

    221030-cpe57ahcfr

  • MD5

    a29f4477a8ce8bf411be286ceb342400

  • SHA1

    bf7b576187219d47f799483c74d6a5d3cac09a3f

  • SHA256

    1e7e6eb6a7a733f131498cc030825ac908e1706294800d5f19252910c08b1300

  • SHA512

    779004c93d76706ed391e3b7e7f5d57bc879381aa31dfa66f7a643de6c69d412f326140fb6eb2db9a84ca76829e5fe3107fb9fb0daaa90ae01506badb5adb7b0

  • SSDEEP

    12288:LCQeCjVr+8Yo3goxa6HkwlHk2uDN5zNWJS6rsDfjuGfy25d2:giVrbgox5kw5k20NJ6Rgju+5d2

Targets

    • Target

      1e7e6eb6a7a733f131498cc030825ac908e1706294800d5f19252910c08b1300

    • Modifies visibility of file extensions in Explorer

    • UAC bypass

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops file in System32 directory
