General

  • Target

    19531b27321cf79f8fea9715777c391d5f0d796077e634206294d7369024bea0

  • Size

    957KB

  • Sample

    221030-dmfvdaagbl

  • MD5

    93ddaf1feb63ba47ac8c5396cb475eac

  • SHA1

    105669b2a15e45b6f7c12141f8fdd10c82e6b23a

  • SHA256

    19531b27321cf79f8fea9715777c391d5f0d796077e634206294d7369024bea0

  • SHA512

    3c30e11f9824ec26e6a08365c6910d56e7622f6eb6b08f03b474d9e814ef965dea5a27cfe0bed4e4a3ae299abc331e321ef41fbfdb6d725cc0e7221056012279

  • SSDEEP

    24576:zCF80piqnZp9Qu1Y0nmen61qLL0pbacdj4knmKaKeBvj:zCFpp/nd1YGmennLL6OcdjHFK7

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Windows security modification

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks