Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target: 143aca82990f6a5c173446dc2e3b093f096418dbd4d8ea73d0dcac68cb514964
  • Size: 3.8MB
  • Sample: 221123-1qnqqaba5t
  • MD5: caa6ca26a087fc7c18ff85593635f8a7
  • SHA1: 26a322c4f29406b3c47781f42b69412770a9d183
  • SHA256: 143aca82990f6a5c173446dc2e3b093f096418dbd4d8ea73d0dcac68cb514964
  • SHA512: 77b9befa876d2fa404e23f604a70d81bc1be12774ff157c64bd03359cd1751ae0f722ca353ed25d5a12b1a24c72ad63967b11e3d56caf2c17bb45a944f1d8bc0
  • SSDEEP: 98304:WhQGXP9BHGsbJ2Ao0c984YmUULZJLqL7kAEpEGT0AJ7t9LVvr8zpfas:eXPbGAJlob794zp

Malware Config

Targets

    • Target: 143aca82990f6a5c173446dc2e3b093f096418dbd4d8ea73d0dcac68cb514964
    • Size: 3.8MB
    • MD5: caa6ca26a087fc7c18ff85593635f8a7
    • SHA1: 26a322c4f29406b3c47781f42b69412770a9d183
    • SHA256: 143aca82990f6a5c173446dc2e3b093f096418dbd4d8ea73d0dcac68cb514964
    • SHA512: 77b9befa876d2fa404e23f604a70d81bc1be12774ff157c64bd03359cd1751ae0f722ca353ed25d5a12b1a24c72ad63967b11e3d56caf2c17bb45a944f1d8bc0
    • SSDEEP: 98304:WhQGXP9BHGsbJ2Ao0c984YmUULZJLqL7kAEpEGT0AJ7t9LVvr8zpfas:eXPbGAJlob794zp

    • Registers COM server for autorun

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other session data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory
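The two registry-backed behaviours above (enumerating Uninstall keys, and registering a Browser Helper Object, which is an in-process COM server) can be checked on a suspect host with the following PowerShell. It is an added example, not part of the Triage report and not derived from the sample: it lists the software entries the Uninstall keys expose, then lists every registered BHO, resolves its CLSID to the DLL under InprocServer32, and flags DLLs that are unsigned, missing, or installed outside Program Files. The registry paths are the documented Windows locations; the "suspicious" heuristic is this example's own assumption and will need tuning for hosts with legitimate third-party BHOs.

```powershell
# Added example (not from the Triage report). Run as administrator on the host
# under investigation. Nothing here is specific to this sample.

$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
)

# Same enumeration the "Checks installed software" signature describes:
# one subkey per installed product, DisplayName/DisplayVersion/Publisher values.
function Get-InstalledSoftware {
    foreach ($key in $uninstallKeys) {
        if (-not (Test-Path $key)) { continue }
        Get-ChildItem $key | ForEach-Object {
            $p = Get-ItemProperty $_.PSPath
            if ($p.DisplayName) {
                [pscustomobject]@{
                    Name      = $p.DisplayName
                    Version   = $p.DisplayVersion
                    Publisher = $p.Publisher
                    Key       = $_.PSChildName
                }
            }
        }
    }
}

# BHOs are registered by CLSID under these keys (32- and 64-bit views).
$bhoKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
)

# A BHO is an in-process COM server: the DLL path is the default value of
# CLSID\{guid}\InprocServer32. Check machine and user hives in both views,
# because a per-user CLSID registration shadows the machine-wide one.
function Resolve-ComServer {
    param([string]$Clsid)
    $roots = @(
        'HKCU:\SOFTWARE\Classes\CLSID',
        'HKLM:\SOFTWARE\Classes\CLSID',
        'HKLM:\SOFTWARE\Classes\WOW6432Node\CLSID'
    )
    foreach ($root in $roots) {
        $k = Join-Path $root "$Clsid\InprocServer32"
        if (Test-Path $k) {
            $path = (Get-ItemProperty $k).'(default)'
            if ($path) { return [Environment]::ExpandEnvironmentVariables($path.Trim('"')) }
        }
    }
    return $null
}

function Get-BrowserHelperObjects {
    foreach ($key in $bhoKeys) {
        if (-not (Test-Path $key)) { continue }
        Get-ChildItem $key | ForEach-Object {
            $clsid = $_.PSChildName
            $dll   = Resolve-ComServer $clsid
            $sig   = 'Missing'
            if ($dll -and (Test-Path $dll)) {
                $sig = (Get-AuthenticodeSignature $dll).Status
            }
            # Heuristic (assumption): a trustworthy BHO is signed and lives under
            # Program Files. Anything else deserves a look.
            $inProgramFiles = $dll -and ($dll -match '^[A-Za-z]:\\Program Files( \(x86\))?\\')
            [pscustomobject]@{
                CLSID      = $clsid
                DLL        = $dll
                Signature  = $sig
                Suspicious = (($sig -ne 'Valid') -or (-not $inProgramFiles))
            }
        }
    }
}

Get-InstalledSoftware | Sort-Object Name | Format-Table -AutoSize
Get-BrowserHelperObjects | Format-Table -AutoSize
```

Compare the BHO output against a known-clean baseline from the same image; a CLSID that resolves to a DLL in a user-writable directory, or whose InprocServer32 value is missing because the DLL was cleaned up but the registration was not, is the kind of residue this sample's "Installs/modifies Browser Helper Object" and "Registers COM server for autorun" signatures would leave behind.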

MITRE ATT&CK Enterprise v6

Tasks