General

  • Target

    8e798b6e766493c894935073db220a3440007f940a78c9f94045de6303fdec2f

  • Size

    1.1MB

  • Sample

    230418-xz9srsfc9z

  • MD5

    d64edcff5aeff2aec2ee1bdcbd617d07

  • SHA1

    3d3c1ba7c4bfbf4183d9708d1c1e00defa05cf4e

  • SHA256

    8e798b6e766493c894935073db220a3440007f940a78c9f94045de6303fdec2f

  • SHA512

    dda5fc962dd974e94381796e57183a886ce8bcc09c7423b2b41a957cb4c6dbf2febc172cfa5ff87ee553039da41bf43a24b8971d48b13a99e0edd8586b07117e

  • SSDEEP

    24576:cyXV/saQXMbJDMroMrhCXocgtk6mYk2r:LXV/VQXoMUMrhCXocEk6mY9

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
