General

  • Target: 600b6100f250d50af844b130d038e60706be6392e635bdc4ca2ba65aee54b64a
  • Size: 1.1MB
  • Sample: 230419-elpassgb62
  • MD5: 0d9bc68752aa645bfc475dd57f44e44f
  • SHA1: b83fe616ef87db187600515d662b76e85d05bebf
  • SHA256: 600b6100f250d50af844b130d038e60706be6392e635bdc4ca2ba65aee54b64a
  • SHA512: e4c0f1c6a0e180ca8691c093129fc64f729c4e68a1e06a9770181a94660c424f2c6caeb0fc09adfc1f451b6d289f59562438bbf658c4efa391f01392d16676c7
  • SSDEEP: 24576:Wyaz5ATJUVS7AZuTrX596HBgLSI1wKRskUKCE3JEuc:lDJL1TrXLgBgWXKqkpCEu

Malware Config

Targets

    • Target: 600b6100f250d50af844b130d038e60706be6392e635bdc4ca2ba65aee54b64a

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks