General

  • Target

    29dc138ff8b2d1300e7fb8c9d48a49b5635ef4eba48fed6fe96ccaea4633860e

  • Size

    351KB

  • Sample

    230418-sxj24scc92

  • MD5

    eefb660e99987dd839b64046306bbc17

  • SHA1

    1ff45901861e613d1fdbfa4fd257dadae8574ed2

  • SHA256

    29dc138ff8b2d1300e7fb8c9d48a49b5635ef4eba48fed6fe96ccaea4633860e

  • SHA512

    af2b0495aead8751782cf954ed8f156991f33384b5a29912a05104c6062f539c95c6760de708be666bccfe07121e13ee2334839db87ff67b1dbc483215046d1d

  • SSDEEP

    6144:ypZR0w5EAKkGF0AoO0CcSsWVOE8MbJuimY/19i/WwIv:ynmwkk00ARchWP8MvmY/1WWrv

Malware Config

Targets

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
