Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a38c123100a68b8650b36a546d1c188db2a054a3a1c8c9c65753088954803e3a
-
Size
923KB
-
Sample
230421-bxyrtsdd72
-
MD5
a137cfe96276eb9103168d6f5e8c9f14
-
SHA1
a30adf1122dfb31c9c0f6c6e3708b0c0a515b008
-
SHA256
a38c123100a68b8650b36a546d1c188db2a054a3a1c8c9c65753088954803e3a
-
SHA512
8fea231f23e7d2d7f8c655baa8830373bf393e54d80b171a3d557da46aa574a6ec6df2ea9361f0befefcf94a96e471dbce2a41411ec5545a0b80aabff033c8d6
-
SSDEEP
24576:xyclnm1A5MItOe+n7HaMWVuyddw0o+xQMSezFRXZI:kcUwtL+n7Hbp2dho+xQMSezXX
Malware Config
Targets
-
-
Target
a38c123100a68b8650b36a546d1c188db2a054a3a1c8c9c65753088954803e3a
-
Size
923KB
-
MD5
a137cfe96276eb9103168d6f5e8c9f14
-
SHA1
a30adf1122dfb31c9c0f6c6e3708b0c0a515b008
-
SHA256
a38c123100a68b8650b36a546d1c188db2a054a3a1c8c9c65753088954803e3a
-
SHA512
8fea231f23e7d2d7f8c655baa8830373bf393e54d80b171a3d557da46aa574a6ec6df2ea9361f0befefcf94a96e471dbce2a41411ec5545a0b80aabff033c8d6
-
SSDEEP
24576:xyclnm1A5MItOe+n7HaMWVuyddw0o+xQMSezFRXZI:kcUwtL+n7Hbp2dho+xQMSezXX
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Windows security modification
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-