General

  • Target

    95fe65b7df9a40defe88170655852b2b03c17b499e06cda0eb26178cd37ef007

  • Size

    922KB

  • Sample

    230421-dl14xsfg3t

  • MD5

    c81e0154aae227ae719026ddcb0e588d

  • SHA1

    a5beadaa93705bfc1d27905b16c9f2b12fb8b91c

  • SHA256

    95fe65b7df9a40defe88170655852b2b03c17b499e06cda0eb26178cd37ef007

  • SHA512

    ff0ce26020858328618d6d6d73e97d57c4813d9af68fc7495d397da850bd30216cfa80b01da5d3bf88483b7f49be96d4b50fbbc23027ce405f734eacc7a17746

  • SSDEEP

    24576:Fy1/dbxYHkdhSGjmCRReMYwHluVHC9en2ljMP:g1tj4G6Cz0U4u

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.

MITRE ATT&CK Enterprise v6

Tasks