General

  • Target

    779bf6c876da1c00db5aca32640aa0bf9db29f6843a12e607df3b45d34c000ee

  • Size

    936KB

  • Sample

    230420-gzm11aga45

  • MD5

    4b59bbe415f025719fb0b0495f687da1

  • SHA1

    dfb486a0a343d87ab187e9d53d219f236bd0e8f5

  • SHA256

    779bf6c876da1c00db5aca32640aa0bf9db29f6843a12e607df3b45d34c000ee

  • SHA512

    7508db0b41138e6dde00331636904afc3cc499ecbb1de90279d8af7f3ed60e0f527142912f3c83911282d81cb00e0d451fc359a8f6567b57c9f130854c2dc8da

  • SSDEEP

    24576:dVyK6NexXMbPCVUrrSQ2nEJcoft04wzzSKuW+:dwK6NKMzMcrSQzJcEq45KB

Targets

    • Target

      779bf6c876da1c00db5aca32640aa0bf9db29f6843a12e607df3b45d34c000ee

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
