Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    e6faf01992aea1470a6d90c7446f1624b74cc5a1840ab54da91953d06cc2780e

  • Size

    965KB

  • Sample

    230422-ddz7naca56

  • MD5

    b452e476191695c240d3dd1dffbdc331

  • SHA1

    089b7d590f9a9d2b1ec71b4ba703f4c3242ce377

  • SHA256

    e6faf01992aea1470a6d90c7446f1624b74cc5a1840ab54da91953d06cc2780e

  • SHA512

    02d7b4d8efe2f24fb7f781899d6e71671951ced009649625294c46b24c5e5742871b0af36159682c0e58ac88d20e3e131d50f52ddd02aee5477b3a1dec23846d

  • SSDEEP

    24576:YysGmcD7W0EHh/ZDD+t3sbSUchCFX++wwr:fsbcD7tEB/Zg3wSUBFu+w

Malware Config

Targets

    • Target

      e6faf01992aea1470a6d90c7446f1624b74cc5a1840ab54da91953d06cc2780e

    • Size

      965KB

    • MD5

      b452e476191695c240d3dd1dffbdc331

    • SHA1

      089b7d590f9a9d2b1ec71b4ba703f4c3242ce377

    • SHA256

      e6faf01992aea1470a6d90c7446f1624b74cc5a1840ab54da91953d06cc2780e

    • SHA512

      02d7b4d8efe2f24fb7f781899d6e71671951ced009649625294c46b24c5e5742871b0af36159682c0e58ac88d20e3e131d50f52ddd02aee5477b3a1dec23846d

    • SSDEEP

      24576:YysGmcD7W0EHh/ZDD+t3sbSUchCFX++wwr:fsbcD7tEB/Zg3wSUBFu+w

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks