Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    b3e128766755a249f058b8af014edd0d63d78807642a5c6091d6e249095dc123

  • Size

    920KB

  • Sample

    230420-3gg8paeh2s

  • MD5

    a3f0b6d0e55179bcef554f2e5295f332

  • SHA1

    550fd9f3e85ce06bb96f6003c356553da9a9d6fd

  • SHA256

    b3e128766755a249f058b8af014edd0d63d78807642a5c6091d6e249095dc123

  • SHA512

    46b38ac8973d12c73f328a22954c85858b86815857e1b1ea298311fc761b4414c091e3e3c1bc1ad55f4fd537f9016248802cd099d17c56f933a2069095508f63

  • SSDEEP

    24576:myJ7rPvW+id/Z4DOlK2OaTK4Atm7uBYIaX9u:1J7Lzid/Z5vuqIo9

Malware Config

Targets

    • Target

      b3e128766755a249f058b8af014edd0d63d78807642a5c6091d6e249095dc123

    • Size

      920KB

    • MD5

      a3f0b6d0e55179bcef554f2e5295f332

    • SHA1

      550fd9f3e85ce06bb96f6003c356553da9a9d6fd

    • SHA256

      b3e128766755a249f058b8af014edd0d63d78807642a5c6091d6e249095dc123

    • SHA512

      46b38ac8973d12c73f328a22954c85858b86815857e1b1ea298311fc761b4414c091e3e3c1bc1ad55f4fd537f9016248802cd099d17c56f933a2069095508f63

    • SSDEEP

      24576:myJ7rPvW+id/Z4DOlK2OaTK4Atm7uBYIaX9u:1J7Lzid/Z5vuqIo9

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks