Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    c5aec9cef86c2e699589bd39bb4a5f317326716ea2ae7dcb6c4802023b257dc4

  • Size

    1.3MB

  • Sample

    221128-gfyndsac38

  • MD5

    76a5395375950946ec26af0b03ee1a6d

  • SHA1

    622c77f7f73397a5a9e20f810796afd82b456b48

  • SHA256

    c5aec9cef86c2e699589bd39bb4a5f317326716ea2ae7dcb6c4802023b257dc4

  • SHA512

    093c9d970b2c419ee7b0088e7c1805853870b95e07f3b063038c590e0904b07ec1e28c1cabb0c020157957d5f18624d95e93b435c30cd23685cb93899e07107a

  • SSDEEP

    24576:mX+eNy774FYoMxiDavzXCPWJVLaBfLkieqRqGul/pPuR+ds2sx:pj70F7MksdJJaBjVhqGubuR+C

Malware Config

Targets

    • Target

      c5aec9cef86c2e699589bd39bb4a5f317326716ea2ae7dcb6c4802023b257dc4

    • Size

      1.3MB

    • MD5

      76a5395375950946ec26af0b03ee1a6d

    • SHA1

      622c77f7f73397a5a9e20f810796afd82b456b48

    • SHA256

      c5aec9cef86c2e699589bd39bb4a5f317326716ea2ae7dcb6c4802023b257dc4

    • SHA512

      093c9d970b2c419ee7b0088e7c1805853870b95e07f3b063038c590e0904b07ec1e28c1cabb0c020157957d5f18624d95e93b435c30cd23685cb93899e07107a

    • SSDEEP

      24576:mX+eNy774FYoMxiDavzXCPWJVLaBfLkieqRqGul/pPuR+ds2sx:pj70F7MksdJJaBjVhqGubuR+C

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks