General

  • Target

    1e3a90cc31d6d11e407bbee7a76c5e61fab6a6519cda424b1fef3b23fa0366ad

  • Size

    1.1MB

  • Sample

    230420-r9kczace4v

  • MD5

    12e10c26de4ad8590667a11ab369c0db

  • SHA1

    79253ec24e19fcc67436c5b9639c2c5d1dbd7eb0

  • SHA256

    1e3a90cc31d6d11e407bbee7a76c5e61fab6a6519cda424b1fef3b23fa0366ad

  • SHA512

    df49cb03e9300341339a5df87cc0c8fa6dc170dab955e40305b3c0c88ec95bdbd04892d81b4d5de6ad75158529c38ab2171a7afadb726f31e91e27359a31a159

  • SSDEEP

    24576:DyF6dmAMlCEZNmk5HAw/IcCf/AReE3k7eqkl4HJv/3iAC4/4Y:WQkNdd5gwbwtv7FklQniAHg

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
