Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    9bf97d34d8dad642255381440c4331ee412be29d6ac7571e601ed36fc67cd43b

  • Size

    341KB

  • Sample

    221224-y8x11aae87

  • MD5

    e054878cfc0b894fc143dd29fe25850d

  • SHA1

    d92379413c28cced4c2933193409a227e1b3692f

  • SHA256

    9bf97d34d8dad642255381440c4331ee412be29d6ac7571e601ed36fc67cd43b

  • SHA512

    f3a5550fa1b05fed077a8ed38b8f65d7d956a7f4dd3352ad433787340d53028361ffc7034157b192c30facc5173fe25627670a1d71a49c21113ea82fa85c3777

  • SSDEEP

    6144:PLLem0+YpmC90kOvzUQPhkEthsZiJlukYxaMyf:PXemtYpmC90n1h1tu0luk/hf

Malware Config

Targets

    • Target

      9bf97d34d8dad642255381440c4331ee412be29d6ac7571e601ed36fc67cd43b

    • Size

      341KB

    • MD5

      e054878cfc0b894fc143dd29fe25850d

    • SHA1

      d92379413c28cced4c2933193409a227e1b3692f

    • SHA256

      9bf97d34d8dad642255381440c4331ee412be29d6ac7571e601ed36fc67cd43b

    • SHA512

      f3a5550fa1b05fed077a8ed38b8f65d7d956a7f4dd3352ad433787340d53028361ffc7034157b192c30facc5173fe25627670a1d71a49c21113ea82fa85c3777

    • SSDEEP

      6144:PLLem0+YpmC90kOvzUQPhkEthsZiJlukYxaMyf:PXemtYpmC90n1h1tu0luk/hf

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks