General

  • Target

    e2a3a5eba29af906a304798585db2ecab401a7661f500e53c2b00eec6cdb48da

  • Size

    174KB

  • Sample

    221204-qxscdaha71

  • MD5

    c064b8cabf4f3aae85b422b3798833c2

  • SHA1

    35249dfe2329712e104e7d436cd7ae1646f0e3b1

  • SHA256

    e2a3a5eba29af906a304798585db2ecab401a7661f500e53c2b00eec6cdb48da

  • SHA512

    b6c1854a42e6fc9524c127be72e342cc3b0d06e21e915af3b291ad9d2d28f9266b52622d92b5b93d26900ffd3b64c264313ff108b7b631aec3d216a7b1054cb4

  • SSDEEP

    3072:pbY1rwlmzqhTwuSyDgolzRBA/W2fXX8GCkMLBaNDeINg0jns/6HQFhs9d0:ps1MCgNSyDXRt2fNCkhexSs1Q

Targets

    • Target

      e2a3a5eba29af906a304798585db2ecab401a7661f500e53c2b00eec6cdb48da

    • Modifies security service

    • Disables taskbar notifications via registry modification

    • Modifies Installed Components in the registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
