General

  • Target

    7619871df3379084e1d6f1e110ff93f0ea9c5e7b34212fec1bd0cee303da5bbb

  • Size

    559KB

  • Sample

    230422-1ml3qagh58

  • MD5

    f768fb346f210eb3f13a4dd8d8040dca

  • SHA1

    d3a06cb5dedc748e5b9c092b1dacda9082139433

  • SHA256

    7619871df3379084e1d6f1e110ff93f0ea9c5e7b34212fec1bd0cee303da5bbb

  • SHA512

    974e8641b329784befc45c8130d8ea6530e7c5838eda2bfae44789933ce4a95c67c6a47e189fd2cdf19608537d72354608637ee3cf095bf09c5e8567ddc1c90d

  • SSDEEP

    12288:6y90+v9dbEHHwHIat+vNv06uUeEca/6g5RrK/26k6:6yN96nRNTuUjGOA

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
