General

  • Target

    ed82f1d8ccaba6adaf7627bd0ea139a71dfd2f8d7313bd5ef2dfd709c72c90f9

  • Size

    107KB

  • Sample

    221206-tydr6agf5s

  • MD5

    24e35fda77b32fca7645b5f5b08a753d

  • SHA1

    8d3eae011efec4fc301635facbdbf13d9cd4e1ad

  • SHA256

    ed82f1d8ccaba6adaf7627bd0ea139a71dfd2f8d7313bd5ef2dfd709c72c90f9

  • SHA512

    3c097c477c93686b9f72801a42f60201514a7c0a8da1520dfc9b520f8cf5e91291b952558761d4794164339bd81cf05d2f2bad53ea28e7823d589fda9b67fecb

  • SSDEEP

    3072:q+ZLGuZ4IXX0dt9KK0XRnBGD8socz9bedWuDWBF0:q+ouZ4MWt9KK6nyoc1pa

Score
7/10

Targets

    • Target

      ed82f1d8ccaba6adaf7627bd0ea139a71dfd2f8d7313bd5ef2dfd709c72c90f9

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Suspicious use of SetThreadContext
