
General

  • Target

    88fc7bf342b4f0ef12d68c492f0b9d0b84382b2ddbc1ec8061372e946e35a6f3

  • Size

    1.0MB

  • Sample

    230420-z2wp2aec8t

  • MD5

    6b199acec7ccf52671ffb278832a2aa8

  • SHA1

    caf1ef2a22ec776a9d1f1d9d4d0ab40371a3db40

  • SHA256

    88fc7bf342b4f0ef12d68c492f0b9d0b84382b2ddbc1ec8061372e946e35a6f3

  • SHA512

    c6667897b946243f3b017a8d447db193daca00bddb5f8dc3fa5ffac1d5fd810a1a73556902a3951b8405f9bf7e15a4627736b4ef6da48bbfb7db2a850100a976

  • SSDEEP

    24576:RyoTN5tuc8Stp5OtBUG8VCEPMXjiavKGN3Oi853Oud6:EoT/Ic8+56SG8B+lheBd

Malware Config

Targets

    • Target

      88fc7bf342b4f0ef12d68c492f0b9d0b84382b2ddbc1ec8061372e946e35a6f3

    • Size

      1.0MB

    • MD5

      6b199acec7ccf52671ffb278832a2aa8

    • SHA1

      caf1ef2a22ec776a9d1f1d9d4d0ab40371a3db40

    • SHA256

      88fc7bf342b4f0ef12d68c492f0b9d0b84382b2ddbc1ec8061372e946e35a6f3

    • SHA512

      c6667897b946243f3b017a8d447db193daca00bddb5f8dc3fa5ffac1d5fd810a1a73556902a3951b8405f9bf7e15a4627736b4ef6da48bbfb7db2a850100a976

    • SSDEEP

      24576:RyoTN5tuc8Stp5OtBUG8VCEPMXjiavKGN3Oi853Oud6:EoT/Ic8+56SG8B+lheBd

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
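
The three registry-backed behaviours in the list above (Defender real-time protection tampering, a Run key for persistence, and Uninstall-key enumeration) can be checked on a suspect host with the script below. It is an added example, not part of the tria.ge report and not derived from the sample; the registry paths are the documented Windows locations, while the function names, the "suspicious path" heuristic and the output format are this example's own assumptions.

```powershell
# Added host-triage script (not part of the tria.ge report). Checks the three
# registry-backed behaviours from the signature list: Defender real-time
# protection tampering, Run-key persistence, and Uninstall-key enumeration.
# Registry paths are the documented Windows locations; the flagging rules and
# the function/parameter names are this example's own assumptions.

function Get-DefenderRtpTampering {
    # Policy values malware commonly sets (e.g. via 'reg add') to switch off Defender.
    $policyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection'
    $suspectValues = @(
        'DisableRealtimeMonitoring', 'DisableBehaviorMonitoring',
        'DisableOnAccessProtection', 'DisableScanOnRealtimeEnable',
        'DisableIOAVProtection'
    )
    $findings = @()
    if (Test-Path $policyPath) {
        $key = Get-ItemProperty -Path $policyPath
        foreach ($name in $suspectValues) {
            $val = $key.PSObject.Properties[$name]   # $null when the value is absent
            if ($null -ne $val -and $val.Value -eq 1) {
                $findings += [pscustomobject]@{ Check = 'DefenderPolicy'; Item = $name; Detail = "$policyPath = 1" }
            }
        }
    }
    # Cross-check the effective setting; Get-MpPreference is absent on hosts without Defender.
    try {
        $pref = Get-MpPreference -ErrorAction Stop
        if ($pref.DisableRealtimeMonitoring) {
            $findings += [pscustomobject]@{ Check = 'DefenderEffective'; Item = 'DisableRealtimeMonitoring'; Detail = 'Real-time protection is off' }
        }
    } catch { }
    return $findings
}

function Get-RunKeyEntries {
    # Autostart entries; a dropped EXE registered here matches "Adds Run key to start application".
    $runPaths = @(
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    $entries = @()
    foreach ($path in $runPaths) {
        if (-not (Test-Path $path)) { continue }
        $key = Get-ItemProperty -Path $path
        foreach ($prop in $key.PSObject.Properties) {
            if ($prop.Name -like 'PS*') { continue }   # skip PSPath, PSParentPath, etc.
            $cmd = [string]$prop.Value
            # Assumed heuristic: user-writable locations are where droppers usually land.
            $suspicious = $cmd -match '\\(AppData|Temp|ProgramData|Users\\Public)\\'
            $entries += [pscustomobject]@{ Key = $path; Name = $prop.Name; Command = $cmd; Suspicious = $suspicious }
        }
    }
    return $entries
}

function Get-InstalledSoftwareFromUninstallKeys {
    # The same Uninstall-key enumeration the sample performs, so an analyst can see
    # what software inventory it could have collected from this host.
    $uninstallPaths = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $uninstallPaths -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName } |
        Select-Object DisplayName, DisplayVersion, Publisher, InstallDate |
        Sort-Object DisplayName -Unique
}

# Usage: run from an elevated PowerShell session on the suspect host.
Get-DefenderRtpTampering | Format-Table -AutoSize
Get-RunKeyEntries | Where-Object Suspicious | Format-Table -AutoSize
Get-InstalledSoftwareFromUninstallKeys | Format-Table -AutoSize
```

The Defender check reads both the policy key and the effective preference because a policy value of 1 only matters if Defender honours it, while an effective setting of off with no policy value points at a different tampering route (Set-MpPreference, tamper-protection bypass). The Run-key heuristic only filters; review every entry it returns rather than trusting the flag.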

MITRE ATT&CK Enterprise v6

Tasks