General

  • Target

    f93178fd1ad0a449b9011f93ef1793fb7b6cc4fbb85a67b0a57689ca16ae9584

  • Size

    138KB

  • Sample

    221203-c4ccvagc66

  • MD5

    75d8c1b6149815ece29ed1a92e3f23da

  • SHA1

    2699a26497ce4f8d311957c051ef13cee53f5c92

  • SHA256

    f93178fd1ad0a449b9011f93ef1793fb7b6cc4fbb85a67b0a57689ca16ae9584

  • SHA512

    c539aa92c93cb5bbf57107945b7171985ea31f9e182ca80f71077ee5760cf01cfd54f4702c28f85331c893914b9ec897b33a0e0ad8954ad450e4055689d3327a

  • SSDEEP

    3072:MKDcf/S7wUCJYov3MhPVWnNWZpC2bmfCZMcdR3TUjd0R:MKDcykfJYZnkNEpr5XdRj66R

Malware Config

Targets

    • Target

      f93178fd1ad0a449b9011f93ef1793fb7b6cc4fbb85a67b0a57689ca16ae9584

    • Modifies firewall policy service

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
