Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    bb78e6e217219f4e7f9189028ee6b7c29aec5e71f16a878a2d8d530a31b98432

  • Size

    2.1MB

  • Sample

    221127-fkjjlaef5y

  • MD5

    6f85c766a77c792498fb1c792f154fc8

  • SHA1

    6167541b7009b876bd130ad160ea434d4d60eaf4

  • SHA256

    bb78e6e217219f4e7f9189028ee6b7c29aec5e71f16a878a2d8d530a31b98432

  • SHA512

    4102d57ca492123b532849631079327917e708202c461bda11ba5a8d0aa790ca3ef576cb123bd0978425b64d83d416f8bca426457cbcdc3368644443854d91c8

  • SSDEEP

    49152:h1Os5NQToNVxbNrInKtDSwSm7CXH9e7Y6JPvXiNjOFdzQJ20d1tT2:h1OQNQUNVxNpSmGXQlvXdkJ20dW

Malware Config

Targets

    • Target

      bb78e6e217219f4e7f9189028ee6b7c29aec5e71f16a878a2d8d530a31b98432

    • Size

      2.1MB

    • MD5

      6f85c766a77c792498fb1c792f154fc8

    • SHA1

      6167541b7009b876bd130ad160ea434d4d60eaf4

    • SHA256

      bb78e6e217219f4e7f9189028ee6b7c29aec5e71f16a878a2d8d530a31b98432

    • SHA512

      4102d57ca492123b532849631079327917e708202c461bda11ba5a8d0aa790ca3ef576cb123bd0978425b64d83d416f8bca426457cbcdc3368644443854d91c8

    • SSDEEP

      49152:h1Os5NQToNVxbNrInKtDSwSm7CXH9e7Y6JPvXiNjOFdzQJ20d1tT2:h1OQNQUNVxNpSmGXQlvXdkJ20dW

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v6

Tasks