General

  • Target: 2d85ebf354dd95e3e46ab65bd6e45aff16790594383ebef773bcb23405a03f9c
  • Size: 965KB
  • Sample: 230422-c5dbjadg7s
  • MD5: 314c8bbfdd70f91325c1418cb0406c84
  • SHA1: b97910eaa78d929af3cdc1c55192bc863f14d070
  • SHA256: 2d85ebf354dd95e3e46ab65bd6e45aff16790594383ebef773bcb23405a03f9c
  • SHA512: 67f519d11ce2c16bbf4f3c2e37a0a0faaf03a6edf7d4b06f2ff3442f11584ef49cf3d8704076c36403c30ccdaad7983317e0e49ea7204ba037afda10de9cf9b9
  • SSDEEP: 24576:Ay7FgsF+DdL2DMrJE9UDOaqjfd6TVdZb14INBsnQXEc8:HBgsF2dLHE9USWDVfX

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks