General

  • Target

    cecedb270f63c94ac455d146f821761a5bd0c0aabb5f491e4cd28e1f085d05a4

  • Size

    2.5MB

  • Sample

    221124-k9x6hage7t

  • MD5

    91e7ed514535ddccf7ec7e93374aefe4

  • SHA1

    09ee4490a2eb030dc56051960cbb9b5df61db320

  • SHA256

    cecedb270f63c94ac455d146f821761a5bd0c0aabb5f491e4cd28e1f085d05a4

  • SHA512

    0093b761bac8fb8c0f983b4e9b73f47a944e2802b6564b4df2ef8d1b2f33edb279d232d082798317e0a999ba1e046238f4c6fb9966891939c4d82b981f794a89

  • SSDEEP

    49152:h1OsfMN6wdBh5N5Z4E8PuXitzuS4xBoYfzdgZ6YLFz5i4U/jA0GQ3o:h1OIMNtdBZouS4xK/hQY

Targets

    • Target

      cecedb270f63c94ac455d146f821761a5bd0c0aabb5f491e4cd28e1f085d05a4

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other session material.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory
