General

  • Target

    3f50d992a6ed87d65eb6e7321e794181d0ed1ffb2f4062b9af9408441a51ad43

  • Size

    827KB

  • Sample

    230422-jtn28afd6v

  • MD5

    3c7014b8e52cc4cf485569ee99e00b59

  • SHA1

    ed9a4f99bbd66e126565c8969a08a96b9e86d56b

  • SHA256

    3f50d992a6ed87d65eb6e7321e794181d0ed1ffb2f4062b9af9408441a51ad43

  • SHA512

    4f69042d9613f8ae7fab4f4d6b95120d57b3e7d89cd94b6aa6c8c3063119073a747fad88cd818a430183bb8063fd61db8758ba6a677892f63439a7cedd26d053

  • SSDEEP

    24576:vyx9WfgN6zeY2xUN9uOatOpl/RE94UuvctKtW:67AgweY0UN9YtOpl/m4nUa

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
