General

  • Target

    97dbf79b4b15389e56acde2ec36b1bd673f100a3d8847850f92cf53d3cc20876

  • Size

    2.0MB

  • Sample

    221127-f8rj4scg42

  • MD5

    42441819a97201224e82e0886c187bef

  • SHA1

    5717927f8f035f70393ea27b322d75cce8e347b8

  • SHA256

    97dbf79b4b15389e56acde2ec36b1bd673f100a3d8847850f92cf53d3cc20876

  • SHA512

    a278b658b92b4f769671f1ac2fa1690ec02856f2b318a34904a651ca31f44205456f034341397d85e6279a289329c6f7a8a0c58a6943cfd08394659126d055e5

  • SSDEEP

    49152:h1OsiNQToNVxbNrInKtDSwSm7CXH9e7B6cr7J30Ct40pTh:h1OdNQUNVxNpSmGXMvxdt1

Targets

    • Target

      97dbf79b4b15389e56acde2ec36b1bd673f100a3d8847850f92cf53d3cc20876

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
