General

  • Target

    262cf55ee93b18d8afdcf9a1de086748760de5073d84db4f3df34a92e33fd0b3

  • Size

    568KB

  • Sample

    230422-d9manscc27

  • MD5

    03f048aea705b9819e6d4a52d53b0b2e

  • SHA1

    8c58e5bef76f1e4793f67a8a3be1de35579e4a3e

  • SHA256

    262cf55ee93b18d8afdcf9a1de086748760de5073d84db4f3df34a92e33fd0b3

  • SHA512

    efa8f5c6915475001a1469530aa50eca82e8aa6df64b785b34dec05d08ff94355e8ce0b615da43d643c4cfad885936223f4bce3a506f2d4c058193060f55a10e

  • SSDEEP

    12288:/y90Dpe59r6fUK/0/xHaRIPurgrGiYtO/QBywF7ISo2Zi7p3:/y4pU9r6fU60/Fa6PjYtIQByw5BZu3

Malware Config

Targets

    • Target

      262cf55ee93b18d8afdcf9a1de086748760de5073d84db4f3df34a92e33fd0b3

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers commonly target browser profile data, which can include saved credentials, cookies, session tokens and autofill entries.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
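Two of the registry behaviours flagged above, disabling Windows Defender real-time protection and adding a Run key, leave value-set records that a SOC can alert on. The following detection logic is an added example, not part of this sandbox report or the tria.ge signature engine: it evaluates Sysmon Event ID 13 (RegistryEvent: value set) records, treats a write of DWORD 1 to a Defender Real-Time Protection "Disable*" value as tampering and a write under a Run/RunOnce key as persistence, and ignores the benign reset-to-0 and key-creation cases. The sample events, the process and file paths, the value name "Updater" and the ATT&CK technique IDs (T1562.001, T1547.001) are this example's own constructed data and mapping, and the Sysmon configuration on the host must actually log these keys for the records to exist.

```python
"""Detection over Sysmon Event ID 13 records for Defender real-time protection
tampering and Run-key persistence. Events below are constructed for this
example; every path and value name is hypothetical."""
import re
from dataclasses import dataclass

# Registry locations controlling Defender real-time protection (lower-cased,
# since registry paths are case-insensitive).
DEFENDER_RTP_PREFIXES = (
    "hklm\\software\\policies\\microsoft\\windows defender\\real-time protection\\",
    "hklm\\software\\microsoft\\windows defender\\real-time protection\\",
)
# Values that switch a protection feature off when set to DWORD 1.
DEFENDER_RTP_VALUES = {
    "disablerealtimemonitoring", "disablebehaviormonitoring",
    "disableonaccessprotection", "disableioavprotection",
    "disablescanonrealtimeenable",
}
# Run / RunOnce in HKLM, HKCU or an HKU\<SID> hive, with optional WOW6432Node.
RUN_KEY_RE = re.compile(
    r"^(hklm|hkcu|hku\\[^\\]+)\\software\\(wow6432node\\)?microsoft\\windows"
    r"\\currentversion\\(run|runonce)\\(?P<name>[^\\]+)$",
    re.IGNORECASE,
)
# Sysmon renders DWORD data as "DWORD (0x00000001)".
DWORD_RE = re.compile(r"DWORD \((0x[0-9a-f]+)\)", re.IGNORECASE)


@dataclass(frozen=True)
class Alert:
    technique: str  # ATT&CK technique ID (this example's own mapping)
    title: str
    image: str      # process that wrote the value
    target: str     # full registry path of the value
    details: str    # value data as Sysmon rendered it


def _dword(details: str):
    """Return the integer DWORD in a Sysmon Details string, or None."""
    m = DWORD_RE.search(details)
    return int(m.group(1), 16) if m else None


def detect(event: dict):
    """Return an Alert for one Sysmon record, or None if it is benign."""
    if event.get("EventID") != 13:
        return None  # only value-set events carry the written data
    target = event["TargetObject"]
    low = target.lower()
    details = event.get("Details", "")
    image = event.get("Image", "")
    for prefix in DEFENDER_RTP_PREFIXES:
        if low.startswith(prefix):
            value_name = low[len(prefix):]
            # Only a write of 1 disables protection; a reset to 0 is normal.
            if value_name in DEFENDER_RTP_VALUES and _dword(details) == 1:
                return Alert("T1562.001", "Defender real-time protection disabled via registry",
                             image, target, details)
            return None
    if RUN_KEY_RE.match(target):
        return Alert("T1547.001", "Run key persistence added", image, target, details)
    return None


def scan(events):
    """Evaluate every record and return alerts in event order."""
    return [a for a in map(detect, events) if a is not None]


# Constructed Sysmon-style records (not taken from the sandbox run above).
SAMPLE_EVENTS = [
    {"EventID": 13, "Image": "C:\\Users\\user\\AppData\\Local\\Temp\\dropped.exe",
     "TargetObject": "HKLM\\SOFTWARE\\Policies\\Microsoft\\Windows Defender"
                     "\\Real-Time Protection\\DisableRealtimeMonitoring",
     "Details": "DWORD (0x00000001)"},
    {"EventID": 13, "Image": "C:\\Users\\user\\AppData\\Local\\Temp\\dropped.exe",
     "TargetObject": "HKU\\S-1-5-21-1111-2222-3333-1001\\Software\\Microsoft"
                     "\\Windows\\CurrentVersion\\Run\\Updater",
     "Details": "C:\\Users\\user\\AppData\\Roaming\\Updater\\updater.exe"},
    # Benign: a Group Policy refresh writes the value back to 0.
    {"EventID": 13, "Image": "C:\\Windows\\System32\\svchost.exe",
     "TargetObject": "HKLM\\SOFTWARE\\Policies\\Microsoft\\Windows Defender"
                     "\\Real-Time Protection\\DisableRealtimeMonitoring",
     "Details": "DWORD (0x00000000)"},
    # Key creation (Event ID 12) carries no value data and is ignored.
    {"EventID": 12, "Image": "C:\\Windows\\explorer.exe",
     "TargetObject": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",
     "Details": ""},
]

if __name__ == "__main__":
    for a in scan(SAMPLE_EVENTS):
        print(f"[{a.technique}] {a.title}: {a.image} -> {a.target} = {a.details}")
```

Matching on the lower-cased path rather than a regex for the Defender case keeps the value-name list easy to extend, and requiring the data to be exactly DWORD 1 avoids alerting on policy engines that rewrite the value to 0; the Run-key rule deliberately does not look at the data, because any new value under those keys is worth a look in an incident involving a dropped executable.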

MITRE ATT&CK Enterprise v6

Tasks