Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    cce4b983be599432a2be9bb800e8f16be82023cd9144fb89991bc3349e6ccc22

  • Size

    2.1MB

  • Sample

    221123-1x5yksgd72

  • MD5

    2cf56f02efd4cda7557ecd53bc037b63

  • SHA1

    acbc01788b05b1d18f2d84e982b45fc2394eb459

  • SHA256

    cce4b983be599432a2be9bb800e8f16be82023cd9144fb89991bc3349e6ccc22

  • SHA512

    368bcf1df373d4ad474a29a97fbe8857ef839bb166cda39c46cf5459d496585604bcd05780a3fac115c7fbd0140f2613248620afdbca627ad0a06f967596d3c3

  • SSDEEP

    49152:h1OswkMyJo5w3LMa3PYN7i8Y0qKTsab07:h1Ojk/vnYdiR

Malware Config

Targets

    • Target

      cce4b983be599432a2be9bb800e8f16be82023cd9144fb89991bc3349e6ccc22

    • Size

      2.1MB

    • MD5

      2cf56f02efd4cda7557ecd53bc037b63

    • SHA1

      acbc01788b05b1d18f2d84e982b45fc2394eb459

    • SHA256

      cce4b983be599432a2be9bb800e8f16be82023cd9144fb89991bc3349e6ccc22

    • SHA512

      368bcf1df373d4ad474a29a97fbe8857ef839bb166cda39c46cf5459d496585604bcd05780a3fac115c7fbd0140f2613248620afdbca627ad0a06f967596d3c3

    • SSDEEP

      49152:h1OswkMyJo5w3LMa3PYN7i8Y0qKTsab07:h1Ojk/vnYdiR

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v6

Tasks