General

  • Target

    91bebfe6d870b6cc1cbe3be00b9e10bab87c849c36b4264bb79a14d8c64cafb6

  • Size

    2.2MB

  • Sample

    221125-yh1n7sbb42

  • MD5

    2d7e2bc74ede724226fac02b0bc3d451

  • SHA1

    bd244c7d85370f6981c4d6f4ea2493d94093c9a1

  • SHA256

    91bebfe6d870b6cc1cbe3be00b9e10bab87c849c36b4264bb79a14d8c64cafb6

  • SHA512

    f78cefa295a8912c91701234274aee7d421d8f2194745af6c1201928de9703a2b71bc37691f050ae16ebe837a703339fec4da94c29bdd95a2e156d8fbb39de36

  • SSDEEP

    49152:ahDwLQifdBoDfAxtURbQcwdQIloIdWeqRG+EefTa9AfXjCZeRase4BXgOswsFtej:aI/fdBOfAxtURbEQIloIdWeqRG+EefTc

Targets

    • Target

      91bebfe6d870b6cc1cbe3be00b9e10bab87c849c36b4264bb79a14d8c64cafb6

    • Executes dropped EXE

    • Registers COM server for autorun

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
