Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    6d1cc5a00d9c1793d0970fff57f90ac7.exe

  • Size

    827KB

  • Sample

    230419-hqcpcaaf8z

  • MD5

    6d1cc5a00d9c1793d0970fff57f90ac7

  • SHA1

    162d7c6454a1b3f2dd3993515026844ecc44ea73

  • SHA256

    afab6d6bbc05cd7b17f7f8f8ae3f3ca5908c15f85f012c79cd9de413e92acd10

  • SHA512

    c9240e77bfd1f0cc71d0178948350efc2a01b3c16b4ab8b930fd5fefd4daffa96cd3064ac9c46159afa57deca8e66e944b07184d22388cf42b9336aebc339368

  • SSDEEP

    24576:PyRF3F9+16/rzjpT5fCeoL7oSKN6k/ZDyH+49U:aHF9+16D/pT5fmnu6CZqT

Malware Config

Targets

    • Target

      6d1cc5a00d9c1793d0970fff57f90ac7.exe

    • Size

      827KB

    • MD5

      6d1cc5a00d9c1793d0970fff57f90ac7

    • SHA1

      162d7c6454a1b3f2dd3993515026844ecc44ea73

    • SHA256

      afab6d6bbc05cd7b17f7f8f8ae3f3ca5908c15f85f012c79cd9de413e92acd10

    • SHA512

      c9240e77bfd1f0cc71d0178948350efc2a01b3c16b4ab8b930fd5fefd4daffa96cd3064ac9c46159afa57deca8e66e944b07184d22388cf42b9336aebc339368

    • SSDEEP

      24576:PyRF3F9+16/rzjpT5fCeoL7oSKN6k/ZDyH+49U:aHF9+16D/pT5fmnu6CZqT

    • Modifies Windows Defender Real-time Protection settings

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks