General

  • Target

    b290a371ec05c2194ab6f07ae8ae8a3d8958fdfa9efa7da820c453ec689261f8

  • Size

    2.1MB

  • Sample

    221124-fkaxfsde7z

  • MD5

    8a19b2e00c37c605c0f0bd1bf61a963c

  • SHA1

    2f3ac34d75f515c351bb5303a645a4df6c8e2c24

  • SHA256

    b290a371ec05c2194ab6f07ae8ae8a3d8958fdfa9efa7da820c453ec689261f8

  • SHA512

    90c1d9f3d1946e6876e3b41606ebe597ecea5730bba69c2d9732ed1af385068d28da1b904490b37bb1f5d58db5b5254accfb17bca28df3ae0d50692f04cfece5

  • SSDEEP

    24576:h1OYdaODNVGiAEAd/KjjBKyu73i8mxcmMMV6zs+G/pC2d1RJoTJnQqphTuS2MD3W:h1Os4MAd/OxfV6zZGYg1RJQnFrTc2Sh

Targets

    • Target

      b290a371ec05c2194ab6f07ae8ae8a3d8958fdfa9efa7da820c453ec689261f8

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory
