General

  • Target

    a66129bb7a3ca6e748104bba08d1c6b96dd63fdc85673c4c9bc8b538d037c103

  • Size

    569KB

  • Sample

    230422-namr9see57

  • MD5

    6ecde8e73308db7ab4d48545519aa71c

  • SHA1

    12e7ff346013768a91710e50e29907220c1e30b8

  • SHA256

    a66129bb7a3ca6e748104bba08d1c6b96dd63fdc85673c4c9bc8b538d037c103

  • SHA512

    90a11b819f3d336d36e7bffe2b006e86958092f4bfc8a4676986c60c2448504f7e4188bc03d5f0ff323dc76acc9102597b7be695a8a0ad2ba60287c28538b410

  • SSDEEP

    12288:Vy9019ooJYBmg+TIeOduxE9JKOzZ/6/fD8ojw1GFW:VyG9vTLTIeOdGEPBspkF

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks