General

  • Target

    bdea54c5826cfde9460883a6bbbb41cf68233f46ba40e50bd77ab964e829359c

  • Size

    828KB

  • Sample

    230422-fej8yacg26

  • MD5

    f34e1534827747e24f4bfda8066077e5

  • SHA1

    5f3cc481b42035ea575efd26998ac2a36e5e016b

  • SHA256

    bdea54c5826cfde9460883a6bbbb41cf68233f46ba40e50bd77ab964e829359c

  • SHA512

    ce02e609d61c3e8abee13de7b9281216227155981c45a4cc001585f58f1bfca4c55a199fdfecf79e24ef776f53fc6845ba7bf0b159df73174d6334d6f3e44215

  • SSDEEP

    12288:Vy90FlQgJA4qrCiBXkSSGMypskuXdIk6Y8I0EMMl+kbj0Av/S1l3ZDIhWlV/Eja:Vy6SgUrnXyGMtIkyIjtVK1D049Eja

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, such as saved credentials.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks