General

  • Target

    fbdfee5e766033327b05f575c3cf456fa4f71ec39b1bd5ddbfd0dcc69a73bd81

  • Size

    685KB

  • Sample

    221203-xhj6safb82

  • MD5

    90d83c7d3477803d847ce89613b035d6

  • SHA1

    5eac96da556f831ed687fbcd78549e6c476ffe61

  • SHA256

    fbdfee5e766033327b05f575c3cf456fa4f71ec39b1bd5ddbfd0dcc69a73bd81

  • SHA512

    7eed2ee49fa2285f78fcae0175c5bea0fad19839713ba94ec6b2adcdb3ab736f69cb1ed6de4936d18a25a9ca3eca77b7bcc469f2ed534389155bd2e9bf14bf06

  • SSDEEP

    12288:rXi1xcZVNe+keYaOeoG7FCibEPVMVWmQYfIjBKEZa+rUlynwMEcR157N59lU98:NdejCOeoQHbEPVMVWmQYgjB115A

Targets

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops file in System32 directory
