General

  • Target

    7519fe2f61e1112e5151d899e4c5c0d1507337674a90918f5b0462d6c55f63ac

  • Size

    935KB

  • Sample

    230420-k2ap8sgg38

  • MD5

    d62094873f8e567fd7a37db6a8805fb8

  • SHA1

    302014f40488a99e72c00e042b9e5b8bcb78afc5

  • SHA256

    7519fe2f61e1112e5151d899e4c5c0d1507337674a90918f5b0462d6c55f63ac

  • SHA512

    a26fc9dc58ff7a4be2ee4743fbd1db014036fb3694533c3c5197cc9086ce4723e58325e0ac86866eb294f3c1af951259bf7157c5973f57ffac0c6aa96962320c

  • SSDEEP

    24576:5yP/SrXQ1AGJNQH//rQPbcPYKOeW3gpv:sirQ1AQNSrAbcJW

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
