General

  • Target

    a6d79208ffd797d53bfaf8bebb9988f4400c138d0f3ecd466f6e6adb13cb4e59

  • Size

    759KB

  • Sample

    221125-l2766shd68

  • MD5

    d9ea4f8848c1349ce785e76c04f9c603

  • SHA1

    31933f0a34d0bdac3007b0248adfbe16916a9a7d

  • SHA256

    a6d79208ffd797d53bfaf8bebb9988f4400c138d0f3ecd466f6e6adb13cb4e59

  • SHA512

    ab257a38c41d4b1e32828ce418b238bbdba2ca969c5f66354a39958751ba2c9d72935a595901c890bcddb109de797042f7279e12b314967edcfd4db463d668ef

  • SSDEEP

    3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1

Targets

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Adds policy Run key to start application

    • Executes dropped EXE

    • Sets file execution options in registry

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar profile data.