General

  • Target

    98770e23c98aead3ccf50c39db50a39e0fdf57bbc9329fab0c79ac7cf7839e9f

  • Size

    569KB

  • Sample

    230422-f7etxsch74

  • MD5

    196d145d6ced13980a85ae7664740e72

  • SHA1

    6808bbb390f8597652239462d49075fea5925c25

  • SHA256

    98770e23c98aead3ccf50c39db50a39e0fdf57bbc9329fab0c79ac7cf7839e9f

  • SHA512

    a95d647b741e03b1f40ee921349a85e48ca8fcee654319f18e29f2195b8153621cc27ca1233c53fc1ea1aac8c2293e33eeab607fa7ae4a2871757d550db255a0

  • SSDEEP

    12288:6y90rQwHE/5dNjfpivZje71ladqn2Y8X0fLQVsXUE2+/x6:6yzKE/5LjIRQGqnGX8y+56

Targets

    • Target

      98770e23c98aead3ccf50c39db50a39e0fdf57bbc9329fab0c79ac7cf7839e9f

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
