General

  • Target

    104c2f23de160113292fddaaaba2a94f34c6edffa89388f4fae8f1c7be221a41

  • Size

    3.1MB

  • Sample

    230130-tzxawsbb22

  • MD5

    269240c6291fa4cecb4324c56d9077cc

  • SHA1

    b58b373ef9b7c1561b1dcf66af59f61e5e690ac5

  • SHA256

    104c2f23de160113292fddaaaba2a94f34c6edffa89388f4fae8f1c7be221a41

  • SHA512

    0388547dddcf213eee3dbde8297af5c3a5ab40a3f51999ea2804185f8c69906683087e37974af2202a661f0a66d979414f53258b090183d1e2bdbae135be31af

  • SSDEEP

    49152:MU+AugP+M1a1i225oazT9LUg6lZOW4pxxqCsT72qLXNcYnyd/x45wHQhV6BGmAcj:MUxHTszceLGpx9s8fawHtzdrt

Targets

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Accesses Microsoft Outlook accounts

    • Accesses Microsoft Outlook profiles

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext
