General

  • Target

    f9aee415a399e8abd0fba5b04405c726a45cd5ea93ea43d0a07efc90e7d0c1f6

  • Size

    827KB

  • Sample

    230419-zjenssfc2x

  • MD5

    f68d925cb037645724c3d985364cb3bf

  • SHA1

    e8653d6a211a691ccf951de21c91b28e2c47bbbd

  • SHA256

    f9aee415a399e8abd0fba5b04405c726a45cd5ea93ea43d0a07efc90e7d0c1f6

  • SHA512

    736a059bf1d54f4d911e7c305508c092a727aac56a539ce3cc033e5b4fb348f50bb30948590b15511298274724efde941001379cae52d528717f3fa59f365954

  • SSDEEP

    24576:Xyl9+gA3eQ6b2s29gnWATPk8pMsAf6/jRz725:ilMt6b2F9gnWh8upC/Q

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
