General

  • Target

    7fb81b96e4df407058f5c9b96096f409c2783db604d67f31dcb4d2d8b38e917f

  • Size

    256KB

  • Sample

    221225-wxthbsfa6x

  • MD5

    06060e34aa7a2b64cef824427b65cacf

  • SHA1

    2625fe6a0f4f43ac3fedfc25641d1637ce32725f

  • SHA256

    048bf334f5cc03998c8e3f8f2e4b7d492610f76cb1d3127a0a18ac942fb8159a

  • SHA512

    056d143b6b84bd4f9939b6a683a0da0bf25a393a4fb88b88043bd12b28aecb2f68ac9d50cfe63a3ababbe83c261e0cff22c6832a1d7a2795ec8e83dd3ef0b5e6

  • SSDEEP

    6144:BIpCoCZA2NSvyFtE7DOheOvE2ZHrNKEpDswCe00jQBZiM:BenCC2NSjOvEyHlhljQBZiM

Targets

    • Target

      7fb81b96e4df407058f5c9b96096f409c2783db604d67f31dcb4d2d8b38e917f

    • Size

      338KB

    • MD5

      c657dda51197887c07acb2c0020741d6

    • SHA1

      b7ad6e0288310078e3dcac605b0a93213f352282

    • SHA256

      7fb81b96e4df407058f5c9b96096f409c2783db604d67f31dcb4d2d8b38e917f

    • SHA512

      361c0b45604defb7191553ffe48e6bf0982c4bf1e8ed720a7a9c4fb8d3f92fb921e04aac7bf7e85d274b0f4c0716c889fdb0ea7f5579c5eec7f5fca149a8b64a

    • SSDEEP

      6144:cLSRLYTCFKu2N4vyFtE7DiheOvE2ZHrNcEpDsUCe/hTx3PJ/NhnGymI:c4ngu2N47OvEyHrnNx/VNh9m

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
