General

  • Target

    ChromeSetup (1).exe

  • Size

    1.4MB

  • Sample

    221230-xej2lsbe4t

  • MD5

    9827131f829eff662bcb5286062c6133

  • SHA1

    86473c2e3a58a79ea25b12db2b805019eef7524b

  • SHA256

    e4afcb3a9e62d3f8519b62b4a2e7d5e90d6cb9161d49c2f6bb34f8312a4f4245

  • SHA512

    7df625724595a12df3b9bc0da693dd4a90ffd18da1ae463c67c287fe829b9ed27f0499c1ce9fe077e6138d409482fa978954ce4c988354a979a20c1afdc01d08

  • SSDEEP

    24576:Jw8KjKjGFygcc23L1/NVOmOSGb6E3ecS4fzrjxJh9UZXlpbPvC7xtYUrEmFlo+LT:PKjKWQc2b1FVgbjrjxPe1pbPSQm1FloS

Malware Config

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Modifies Installed Components in the registry

    • Registers COM server for autorun

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check before running further.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks