General

  • Target

    9947e262705dd97eb8fbbd1bda47c5eb4b14b70c78577f506665bdb3f4cb1d34

  • Size

    1.1MB

  • Sample

    230418-yd7lysdg46

  • MD5

    2bdbaee5fd8db5caaa90c5186a93498a

  • SHA1

    d4dcce48c51ca948bcd4380b66897fdfc73224b4

  • SHA256

    9947e262705dd97eb8fbbd1bda47c5eb4b14b70c78577f506665bdb3f4cb1d34

  • SHA512

    1889b9924ca75686b1d602d377cd5f40d22a0549adeb1d136621051ced024f7fb916a488545fe605550457e53ad663bfc939c222505722b95567cf75ff949ad0

  • SSDEEP

    24576:xydx/7IIDKBQUc9Pv3gR9/xfJ/aBM25S4Bq:kdx//K+Uc9Ho9/xfJSS2k4B

Targets

    • Target

      9947e262705dd97eb8fbbd1bda47c5eb4b14b70c78577f506665bdb3f4cb1d34

    • Size

      1.1MB

    • MD5

      2bdbaee5fd8db5caaa90c5186a93498a

    • SHA1

      d4dcce48c51ca948bcd4380b66897fdfc73224b4

    • SHA256

      9947e262705dd97eb8fbbd1bda47c5eb4b14b70c78577f506665bdb3f4cb1d34

    • SHA512

      1889b9924ca75686b1d602d377cd5f40d22a0549adeb1d136621051ced024f7fb916a488545fe605550457e53ad663bfc939c222505722b95567cf75ff949ad0

    • SSDEEP

      24576:xydx/7IIDKBQUc9Pv3gR9/xfJ/aBM25S4Bq:kdx//K+Uc9Ho9/xfJSS2k4B

    • Modifies Windows Defender Real-time Protection settings

    • Checks computer location settings

      Looks up the country code configured in the registry, likely to geofence execution.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser profile data, which can include saved credentials, cookies and form data.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.
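Several of the behaviour signatures above are driven by registry activity: tampering with Windows Defender real-time protection settings, reading the configured country code, writing a Run key, and enumerating Uninstall entries. The following is an added example of how such signatures can be expressed as rules over a registry-event trace; it is not code from tria.ge or from the report, and the event shape, the key paths, the value-name patterns and the sample events are constructed for illustration. Signatures that rest on file or process activity (dropped EXE/DLL, browser profile or wallet access) would need file and process events and are not covered here.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Added example: a minimal signature matcher over registry events, modelled on
# the kind of behaviour signatures a sandbox report lists. Key paths, value
# names and the event tuple shape are assumptions chosen for illustration.


@dataclass(frozen=True)
class RegEvent:
    process: str
    op: str           # assumed operation names: SetValue, QueryValue, EnumKey, ...
    key: str          # full key path, e.g. HKCU\Software\...
    value: str = ""   # value name; empty for key-level operations


@dataclass(frozen=True)
class Signature:
    name: str
    ops: frozenset
    key: re.Pattern
    value: Optional[re.Pattern] = None   # None: any value name (or none) matches

    def matches(self, ev: RegEvent) -> bool:
        if ev.op not in self.ops or not self.key.search(ev.key):
            return False
        return self.value is None or bool(self.value.search(ev.value))


SIGNATURES = [
    # Writing any Disable* value under the Real-Time Protection key (policy or
    # product hive) is what a Defender real-time protection tampering rule keys on.
    Signature(
        name="Modifies Windows Defender Real-time Protection settings",
        ops=frozenset({"SetValue", "DeleteValue"}),
        key=re.compile(r"\\Microsoft\\Windows Defender\\Real-Time Protection$", re.I),
        value=re.compile(r"^Disable", re.I),
    ),
    # Reading the configured country code, commonly used for geofencing.
    Signature(
        name="Checks computer location settings",
        ops=frozenset({"QueryValue"}),
        key=re.compile(r"\\Control Panel\\International\\Geo$", re.I),
        value=re.compile(r"^Nation$", re.I),
    ),
    # Persistence via a Run/RunOnce value.
    Signature(
        name="Adds Run key to start application",
        ops=frozenset({"SetValue"}),
        key=re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)$", re.I),
    ),
    # Enumerating installed software through the Uninstall key.
    Signature(
        name="Checks installed software on the system",
        ops=frozenset({"EnumKey", "QueryValue", "OpenKey"}),
        key=re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.I),
    ),
]


def match_events(events, signatures=SIGNATURES):
    """Return {signature name: [matching events]} for signatures with at least one hit."""
    hits = {}
    for sig in signatures:
        matched = [ev for ev in events if sig.matches(ev)]
        if matched:
            hits[sig.name] = matched
    return hits


def triggered(events, signatures=SIGNATURES):
    """Sorted names of the signatures that fired on the trace."""
    return sorted(match_events(events, signatures))


# Constructed sample trace (not events from the report above).
SAMPLE_EVENTS = [
    RegEvent("sample.exe", "QueryValue", r"HKCU\Control Panel\International\Geo", "Nation"),
    RegEvent("sample.exe", "SetValue",
             r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection",
             "DisableRealtimeMonitoring"),
    RegEvent("sample.exe", "SetValue", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "Updater"),
    RegEvent("sample.exe", "EnumKey", r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
    RegEvent("sample.exe", "EnumKey", r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"),
    # Benign noise that must not match anything.
    RegEvent("explorer.exe", "QueryValue", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer", "ShellState"),
]


if __name__ == "__main__":
    for name, evs in match_events(SAMPLE_EVENTS).items():
        print(f"[{name}]")
        for ev in evs:
            print(f"    {ev.process} {ev.op} {ev.key}" + (f" -> {ev.value}" if ev.value else ""))
```

The rules are deliberately operation-sensitive: a read of the Defender key is ordinary product behaviour, so only writes or deletions of Disable* values fire the tampering signature, while the geofence rule fires on the read of Nation alone.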
