Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
7f78231c86222a0279f91873776349555087fc51845fb668c885ce21899ba79e
-
Size
263KB
-
Sample
221127-rysj7shh2z
-
MD5
9df31e17af46a4c7d2965f3f933776de
-
SHA1
6cc651676e746a405f149601bee7026fb0cef38b
-
SHA256
7f78231c86222a0279f91873776349555087fc51845fb668c885ce21899ba79e
-
SHA512
1c1bdbc76a4c40e7a9da41852f37f66151d0c3bb59fcf5cdbad3686446a640df07d2997fccae1174ae3cdcd38e4f889260314fdced10be171c834a52a633677d
-
SSDEEP
3072:XauaSO3kjPlvmwCU7yMhb2HfY7EUDJJG6MQTsYxdbJYwurSquWSWAS9x00Ee3PtE:KCckjFJCUJbFdDJg6M2OluW19tPtIP
Malware Config
Targets
-
-
Target
7f78231c86222a0279f91873776349555087fc51845fb668c885ce21899ba79e
-
Size
263KB
-
MD5
9df31e17af46a4c7d2965f3f933776de
-
SHA1
6cc651676e746a405f149601bee7026fb0cef38b
-
SHA256
7f78231c86222a0279f91873776349555087fc51845fb668c885ce21899ba79e
-
SHA512
1c1bdbc76a4c40e7a9da41852f37f66151d0c3bb59fcf5cdbad3686446a640df07d2997fccae1174ae3cdcd38e4f889260314fdced10be171c834a52a633677d
-
SSDEEP
3072:XauaSO3kjPlvmwCU7yMhb2HfY7EUDJJG6MQTsYxdbJYwurSquWSWAS9x00Ee3PtE:KCckjFJCUJbFdDJg6M2OluW19tPtIP
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-