General

  • Target

    4f729ef6719e9d1cecccc11da8424654566634f7cb83bafc13ed9e761d5a4faa

  • Size

    695KB

  • Sample

    230421-212k1ace8y

  • MD5

    f2db8a9ebca6c483bbe11c50a8dc434b

  • SHA1

    5b8b62d7a3b1c2f56b3a273d6a7cc8be185d0cbe

  • SHA256

    4f729ef6719e9d1cecccc11da8424654566634f7cb83bafc13ed9e761d5a4faa

  • SHA512

    e330ac0cde2353135306629b634ec7a369afe2d3d08cbed2d89cb11ced74fc604ed6b53912c77094965a39405cef1396701cd1c99d182aa7519dff6447c0911d

  • SSDEEP

    12288:Oy90St2YjHxB1mMfmwTa25AMdlSFu7fBMF+MpcfBbgqEtm0WqTNI:Oy72YrxB1VtJeo7pq+Mp0Bb0g0VTO

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
