General

  • Target

    fca30540d1feb531e3acc347d9749784ed9c33c694db22e6c91c10e68b78e263

  • Size

    928KB

  • Sample

    221204-mj867aag24

  • MD5

    8a8799dd9c61f681dd309062fe10907f

  • SHA1

    0cf8350fd20fd50eb4d762759af596f043e0bc1b

  • SHA256

    fca30540d1feb531e3acc347d9749784ed9c33c694db22e6c91c10e68b78e263

  • SHA512

    31526df89ae2fa785e322264c9eb40627e2d257211fac1d0ed25c3a2c890c326a1b7cb4c5816442b430273e014a2ea12e013d3bcebf93bc21f4bbfc3ad5b9796

  • SSDEEP

    24576:RUrYhmqvbAqd0bWbZr64BoHLqMia5VqE:qwvBdMWVr6VrqHa5VqE

Targets

    • Target

      fca30540d1feb531e3acc347d9749784ed9c33c694db22e6c91c10e68b78e263

    • Checks for common network interception software

      Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

    • Enumerates VirtualBox registry keys

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
