Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    e1a0b36c43059e77a0a6d3700ee8ccaf850690f86d8a6420e66661e26f380286

  • Size

    2.0MB

  • Sample

    221127-e3xy9shh46

  • MD5

    1d9bcbd5859d5d69bad2869c2fa19016

  • SHA1

    62030abc7353ca18ce8223752d1015b6e322d121

  • SHA256

    e1a0b36c43059e77a0a6d3700ee8ccaf850690f86d8a6420e66661e26f380286

  • SHA512

    9d21f07b28d6e99ee4e1f8cec9a65218109d731e148d3dcccb64314a881bc8d43e9bfaddaec977389131d989edbebc76bd78f6bc19b3f24bc7ca17e4e129e88c

  • SSDEEP

    49152:h1OsuNQToNVxbNrInKtDSwSm7CXH9e7B6cr7J30Ct40pTJ:h1OFNQUNVxNpSmGXMvxdtN

Malware Config

Targets

    • Target

      e1a0b36c43059e77a0a6d3700ee8ccaf850690f86d8a6420e66661e26f380286

    • Size

      2.0MB

    • MD5

      1d9bcbd5859d5d69bad2869c2fa19016

    • SHA1

      62030abc7353ca18ce8223752d1015b6e322d121

    • SHA256

      e1a0b36c43059e77a0a6d3700ee8ccaf850690f86d8a6420e66661e26f380286

    • SHA512

      9d21f07b28d6e99ee4e1f8cec9a65218109d731e148d3dcccb64314a881bc8d43e9bfaddaec977389131d989edbebc76bd78f6bc19b3f24bc7ca17e4e129e88c

    • SSDEEP

      49152:h1OsuNQToNVxbNrInKtDSwSm7CXH9e7B6cr7J30Ct40pTJ:h1OFNQUNVxNpSmGXMvxdtN

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v6

Tasks