General

  • Target

    17eb6765eb6296b13494a5731996e8c8b268953d88ff74f6eb2f030f87eb1d20

  • Size

    931KB

  • Sample

    221124-mtpwascc21

  • MD5

    5fbd5196c8c87a249de153df878c8c70

  • SHA1

    94a93ad620ef2ae3804d92afe9a62f6b5f1ff383

  • SHA256

    17eb6765eb6296b13494a5731996e8c8b268953d88ff74f6eb2f030f87eb1d20

  • SHA512

    a1f1c8900b4f4855fd891064e34b55a912d15a147908295575f29e2ea6044a217ba075d0d11757e563f8eccc474dc6596441835fd1732f3dd0ba046943a1ab65

  • SSDEEP

    24576:h1OYdaOtMWSUbvCXEQKSqGv8VWumF6RmcJozyPvpft:h1OsfMWyUQ+GUVFIcHPvpft

Targets

    • Target

      17eb6765eb6296b13494a5731996e8c8b268953d88ff74f6eb2f030f87eb1d20

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Drops file in System32 directory
