General

  • Target

    79e6588567217b9a6083c2a47ce4d1ae55d142bae82c18ee16b3014b462c904f

  • Size

    4.8MB

  • Sample

    221201-dhgk4scg2x

  • MD5

    b9c9b6a1121071dcc3afac7cef10b987

  • SHA1

    7ec4123c506a76eeaf1904a71263953906687cbf

  • SHA256

    79e6588567217b9a6083c2a47ce4d1ae55d142bae82c18ee16b3014b462c904f

  • SHA512

    ccad975fb3fe467ec16e2951ffada02860817a2b8d2518d9037c590aa533a6d417253fcf2f69d96e82cf28f396b1e8edcc72e7393ddf4f28034b4a1a12cc4fda

  • SSDEEP

    98304:7EK7yYAUDJ4sPgxSAZ5EGh+cDsddihc6TXkBL:txpPHA3DtsdP6TXkB

Targets

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
