General

  • Target

    34b7bdb113886f064815b2fcb6c2e51909b70100489fff28a73f04db7b113a48

  • Size

    707KB

  • Sample

    230422-n4fwtagd6t

  • MD5

    02fa3c0e4ad987da8831abb9a6c06626

  • SHA1

    2c1787cd12d05caa3c9d92faadc93ed3d626180c

  • SHA256

    34b7bdb113886f064815b2fcb6c2e51909b70100489fff28a73f04db7b113a48

  • SHA512

    b4af25dc2e5f390a37ba985323ce90446d790599d40a73f934ebffee47c45eb3ca8cae4ffbeadabf4846cf62b9ab801f495803b0e6ec9421411a3877a63702e5

  • SSDEEP

    12288:ly90/gLi65gQca0tLEGxQ62N5wH++nTMrQnZAbC376xDF19n0zfk7H+Y:lyXO65gbTEGxQ6N++nTM0nSbC3GX1N0U

Targets

    • Target

      34b7bdb113886f064815b2fcb6c2e51909b70100489fff28a73f04db7b113a48

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
