General

  • Target

    c244858ae2ac3264a5c3aa8338240e348a651c3ac2a6c7d7c5feadf7bb4a8942

  • Size

    964KB

  • Sample

    230419-f3fwesac6t

  • MD5

    6644e60ec6e8b0e11f88645caaab8368

  • SHA1

    973fab79d5ac47ad301b4323d2e8b30b461a0f95

  • SHA256

    c244858ae2ac3264a5c3aa8338240e348a651c3ac2a6c7d7c5feadf7bb4a8942

  • SHA512

    596f9d824b8c66e964cc1dd6c30b1a165ce66b2cb3fb0c110270401c9e0e474b9301081aec3e17a0a7bca98c88f02194beed6f5bc063a4d0c3a03307c9869e87

  • SSDEEP

    24576:AywHHly8p7VdPCDgP4ZVWIwkYNzm9kKwCcYFrIgqqyIP8b+Cgi:HwHHlyu7VZ+1Yy9kKwLYFrIZqyy8N

Malware Config

Targets

    • Target

      c244858ae2ac3264a5c3aa8338240e348a651c3ac2a6c7d7c5feadf7bb4a8942

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks