Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c483ec4637b5046465774639dc8b7224236e1934984d10b205daed6110beb6f0
-
Size
827KB
-
Sample
230419-jjxxdaah9x
-
MD5
78ebebb7ba7b4296ad595c2f3bf07637
-
SHA1
77f349d6885cf30510b486d75f2ee88d28c1cd1e
-
SHA256
c483ec4637b5046465774639dc8b7224236e1934984d10b205daed6110beb6f0
-
SHA512
714e6f2ebead9e7cb32f46abcb8261e7aa28f86a90283f3acfca6c3d64037f20a85059d5242bf5f407b8c476088a6226d6ed2578a7e3af9748bbaf1601033245
-
SSDEEP
12288:Py909avxotq0Pp03OfSpnMGoRmNkrwzJlUWu62tCQqnLtR/IsZAeosBa10Q:PyjNu0+fKnMGoENPt2wVRQspoog
Malware Config
Targets
-
-
Target
c483ec4637b5046465774639dc8b7224236e1934984d10b205daed6110beb6f0
-
Size
827KB
-
MD5
78ebebb7ba7b4296ad595c2f3bf07637
-
SHA1
77f349d6885cf30510b486d75f2ee88d28c1cd1e
-
SHA256
c483ec4637b5046465774639dc8b7224236e1934984d10b205daed6110beb6f0
-
SHA512
714e6f2ebead9e7cb32f46abcb8261e7aa28f86a90283f3acfca6c3d64037f20a85059d5242bf5f407b8c476088a6226d6ed2578a7e3af9748bbaf1601033245
-
SSDEEP
12288:Py909avxotq0Pp03OfSpnMGoRmNkrwzJlUWu62tCQqnLtR/IsZAeosBa10Q:PyjNu0+fKnMGoENPt2wVRQspoog
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Windows security modification
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-