General

  • Target

    fb02c1fb8d5e5579c507a89225d507f406c4640032f501503d871a7e4fb7c4be

  • Size

    1.3MB

  • Sample

    221128-etre5aaa3w

  • MD5

    6c68f1c23170704526f38d5af4c7b13a

  • SHA1

    c7f228ab56140478883230d38bd1254fcb351562

  • SHA256

    fb02c1fb8d5e5579c507a89225d507f406c4640032f501503d871a7e4fb7c4be

  • SHA512

    94a5a9d8acad493a6774e6f230b3a267e550c0fdd68030f46b4a2e1df8bf31759aaa037e781bb0dbcace4f319d482148ad202ee761a9483d1cbf3b7970291b3b

  • SSDEEP

    24576:mRDUcBT5kTEdbyZGt02sU+KoCWU65mSS4YnwKaAkdayJsZsUe:Gnx5kTobyZmPvpWU6MSS4OwKaAkdWsr

Targets

    • Target

      fb02c1fb8d5e5579c507a89225d507f406c4640032f501503d871a7e4fb7c4be

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
