General

  • Target

    46edb4a01db1f85a560fd31f0bb927fb.exe

  • Size

    827KB

  • Sample

    230419-jzeezaba71

  • MD5

    46edb4a01db1f85a560fd31f0bb927fb

  • SHA1

    8fcea243abf6aa39aeabb695cd73a5dbe1e1ccb1

  • SHA256

    a49d4005d71990391e2c4c74797bff12132e10bb81f481221ea289d8637d2314

  • SHA512

    4550d7df9e7686f434d01202cb80a94f894db9a3e91cfdca83046e3b23d0a043c91158fb5ef4c4a2a4d63d3e3bc7fb962e21d02390d70d8930a371500972fc13

  • SSDEEP

    24576:pyEnNzfXZWZX/ACwznlUffChic48oaZQX0:cEnNzfQZX/fwrlUffoic/8

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
