General

  • Target

    15558f0a11c5245ae52ee1b2b613ceeda48f51b25463b012ad5fcc4ea6341642

  • Size

    452KB

  • Sample

    221124-l23axsad2w

  • MD5

    2226cd89c3088560f23b833d6a2eb2f4

  • SHA1

    b4db1a89cab39ff1b2ba91331ba8f0b0b3f70a21

  • SHA256

    15558f0a11c5245ae52ee1b2b613ceeda48f51b25463b012ad5fcc4ea6341642

  • SHA512

    9935ff9762cc7ddc4963f984006715be57ebcde0768de47f370d2d3e8fb2a6d2d7b3980349e038331ae20bb73f0f4709cf15418343dfb9a833c94429099c7558

  • SSDEEP

    6144:YmXr5i38ViHJUbuZoIKjvUv9vl9nWYia2pD48cTHL82/3:Ymr5i38VeUbBIKjvQ5l9nW2+BqL82/

Malware Config

Targets

    • Target

      15558f0a11c5245ae52ee1b2b613ceeda48f51b25463b012ad5fcc4ea6341642

    • Size

      452KB

    • MD5

      2226cd89c3088560f23b833d6a2eb2f4

    • SHA1

      b4db1a89cab39ff1b2ba91331ba8f0b0b3f70a21

    • SHA256

      15558f0a11c5245ae52ee1b2b613ceeda48f51b25463b012ad5fcc4ea6341642

    • SHA512

      9935ff9762cc7ddc4963f984006715be57ebcde0768de47f370d2d3e8fb2a6d2d7b3980349e038331ae20bb73f0f4709cf15418343dfb9a833c94429099c7558

    • SSDEEP

      6144:YmXr5i38ViHJUbuZoIKjvUv9vl9nWYia2pD48cTHL82/3:Ymr5i38VeUbBIKjvQ5l9nW2+BqL82/

    • UAC bypass

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified build of it.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check that decides whether to run.

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser profile data, which can include saved credentials and other sensitive information.

    • Checks whether UAC is enabled

    • Suspicious use of SetThreadContext
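The "UPX packed file" signature above is a static check, and the two indicators it normally rests on can be reproduced without a sandbox: the section names the stock packer writes (UPX0/UPX1/UPX2) and the "UPX!" magic in its pack header. The script below is an added example and is not tria.ge's own detection logic or any code from the sample. It walks the PE headers by hand with struct, reports both indicators, and runs against two constructed header-only PE images built in the script itself (the report's 452KB sample is not included here). The section-name list, the marker check, and the build_pe helper are this example's assumptions.

```python
import struct

# Section names the stock UPX packer writes into the PE section table (assumption: stock build).
UPX_SECTION_NAMES = ("UPX0", "UPX1", "UPX2")
# Magic written into UPX's pack header (UPX_MAGIC_LE32); modified builds often strip it.
UPX_MARKER = b"UPX!"


def pe_section_names(data: bytes) -> list[str]:
    """Return the section names of a PE image by walking DOS -> COFF -> section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    coff = e_lfanew + 4
    # IMAGE_FILE_HEADER: Machine, NumberOfSections, TimeDateStamp,
    # PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    _machine, nsections, _ts, _symptr, _nsyms, opt_size, _chars = struct.unpack_from(
        "<HHIIIHH", data, coff
    )
    if nsections > 96:  # Windows loader limit; anything higher is a malformed header
        raise ValueError(f"implausible section count {nsections}")
    table = coff + 20 + opt_size
    names = []
    for i in range(nsections):
        off = table + 40 * i  # IMAGE_SECTION_HEADER is 40 bytes; Name is the first 8
        if off + 40 > len(data):
            raise ValueError("section table runs past end of file")
        raw = data[off:off + 8].split(b"\0", 1)[0]
        names.append(raw.decode("ascii", errors="replace"))
    return names


def upx_indicators(data: bytes) -> dict:
    """Static UPX check: stock section names plus the 'UPX!' pack-header magic."""
    names = pe_section_names(data)
    hits = [n for n in names if n in UPX_SECTION_NAMES]
    marker = UPX_MARKER in data
    return {
        "sections": names,
        "upx_sections": hits,
        "upx_marker": marker,
        # Either indicator alone flags the file: a renamed-section build may leave
        # only the marker, a stripped-marker build only the section names.
        "packed": bool(hits) or marker,
    }


def build_pe(section_names, upx_marker: bool) -> bytes:
    """Constructed minimal PE32 image (headers only) used as offline test input."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)            # e_lfanew -> right after DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)                               # PE32 optional header, zero-filled
    struct.pack_into("<H", opt, 0, 0x10B)              # Magic = PE32
    sections = b"".join(
        struct.pack("<8sIIIIIIHHI", n.encode(), 0x1000, 0x1000 * (i + 1),
                    0, 0, 0, 0, 0, 0, 0x60000020)
        for i, n in enumerate(section_names)
    )
    tail = (UPX_MARKER if upx_marker else b"\0\0\0\0") + b"\0" * 28
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sections + tail


# Constructed samples, not the file from this report.
SAMPLE_UPX = build_pe(["UPX0", "UPX1", ".rsrc"], upx_marker=True)
SAMPLE_CLEAN = build_pe([".text", ".data", ".rsrc"], upx_marker=False)

if __name__ == "__main__":
    for label, blob in (("upx", SAMPLE_UPX), ("clean", SAMPLE_CLEAN)):
        print(label, upx_indicators(blob))
```

Run it against a real file with `upx_indicators(open(path, "rb").read())`. The reason the signature says "UPX/modified UPX" is that repacked variants commonly rename the sections and overwrite the magic; when both indicators are absent, a high-entropy first section with zero raw size and a tiny last section is the next thing to look for, which this example does not implement.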

MITRE ATT&CK Enterprise v6

Tasks