General

  • Target

    9ac73a5e83679e56131292354c793b8d94e8d0f3179ef899118abfed6040e398

  • Size

    2.1MB

  • Sample

    221125-rgks2ada27

  • MD5

    bd8eb892e27821b11b01cc475e160b77

  • SHA1

    94d7d203ac448af5649d7d35fb771a378b428afe

  • SHA256

    9ac73a5e83679e56131292354c793b8d94e8d0f3179ef899118abfed6040e398

  • SHA512

    f113214032ff2de7f44c09c4d2404971e3b23adf23e15d2dbea8a40c1d1024feddcb1e271bdd0359133474c946c767ddc67d1cfab0dccd455e0b05533d673dde

  • SSDEEP

    49152:h1OschvaZG1MVEtzijkTvu2x/uw4B8FHFF6z:h1ONvaxMziy3m

Targets

    • Target

      9ac73a5e83679e56131292354c793b8d94e8d0f3179ef899118abfed6040e398

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
