General

  • Target

    304f41a1de3dbdfd51c7f7e05b921ec01d29fa63994a12b3516d2f3326431b5c

  • Size

    488KB

  • Sample

    221120-e9vsgsbc9y

  • MD5

    322917d75a80442f404c714c9dc0c470

  • SHA1

    2dd67cf02e1c07d1bdd06b037c8de34ec61a8b81

  • SHA256

    304f41a1de3dbdfd51c7f7e05b921ec01d29fa63994a12b3516d2f3326431b5c

  • SHA512

    d2c6047b128ac22776de0997dda444c4e0c1de6e8ef7a4420a768b01e4f33995e16b63dbc15d07af262576a9f3c6076b587cb97eb1cc1ebc34abbc1d28d1147c

  • SSDEEP

    12288:iodFeCXuLKcCVsz6SDLXoxfry/TsybAzO3z:hPeCXuLKdsO4L4xDegGq

Targets

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Nirsoft

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses Microsoft Outlook accounts

    • Suspicious use of SetThreadContext
