Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    9da8daffff2ae95eee15952c781e8a3bdb215a9b0b617d5ec6cfd61d37cbbf0c

  • Size

    1.1MB

  • Sample

    230420-w8kdssdf3w

  • MD5

    639117d9498d62ea296504f8b721bc35

  • SHA1

    df173162b4898f4795eb538c28f83b9af7b57424

  • SHA256

    9da8daffff2ae95eee15952c781e8a3bdb215a9b0b617d5ec6cfd61d37cbbf0c

  • SHA512

    df43e6c8731d1c3beef7f90224f71598d68f4b21f904ca55cce80f734aafa11b55ff52f19ce10c84a6b75e328a448f834a6b3706e31f0d0ed2f65f96226bf8f3

  • SSDEEP

    24576:2yEkCZxXj71GefLLeyChV5i17P8qm4jCyfHfXFpA5tSynSSvvOJnw:FEkEQuLeBi17PGVUNpyPnSS6n

Malware Config

Targets

    • Target

      9da8daffff2ae95eee15952c781e8a3bdb215a9b0b617d5ec6cfd61d37cbbf0c

    • Size

      1.1MB

    • MD5

      639117d9498d62ea296504f8b721bc35

    • SHA1

      df173162b4898f4795eb538c28f83b9af7b57424

    • SHA256

      9da8daffff2ae95eee15952c781e8a3bdb215a9b0b617d5ec6cfd61d37cbbf0c

    • SHA512

      df43e6c8731d1c3beef7f90224f71598d68f4b21f904ca55cce80f734aafa11b55ff52f19ce10c84a6b75e328a448f834a6b3706e31f0d0ed2f65f96226bf8f3

    • SSDEEP

      24576:2yEkCZxXj71GefLLeyChV5i17P8qm4jCyfHfXFpA5tSynSSvvOJnw:FEkEQuLeBi17PGVUNpyPnSS6n

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks