General

  • Target

    33e8ca1978fd20bf8d6dfa4c6248a88b303d53d50943878b1bd08fc498f40abd

  • Size

    707KB

  • Sample

    230422-pdpxgaeg42

  • MD5

    e0996d2770aa5a18d6a9f5920647e880

  • SHA1

    fb421eb5830655a6b59306ab140a6d4a2486eb86

  • SHA256

    33e8ca1978fd20bf8d6dfa4c6248a88b303d53d50943878b1bd08fc498f40abd

  • SHA512

    6ca23cec681d4584c68669c4bb9383d374ca896f8c6098f9ef3f42987dc8f7753cb17451ebf7f8c18d4ef8c191c2193309c65ab2ec2a82180169721603d21c18

  • SSDEEP

    12288:by90uUg/t2EOlMedzNx2y9e/Hq/G187tA27ux/uF9CEYzzLiF:byXUcEXMeRNx2Xq/GW7tA26gFkEYzzuF

Malware Config

Targets

    • Target

      33e8ca1978fd20bf8d6dfa4c6248a88b303d53d50943878b1bd08fc498f40abd

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
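
The seven behaviours listed above, re-derived as detection logic over an event trace. This is an added example and not code from tria.ge or from the report; the op|path|name|value trace format, the constructed sample events, and the registry paths, browser and wallet file patterns it matches on are assumptions chosen to mirror the signature names, not the sandbox's own rules.

```python
"""Re-derive the report's behavioural signatures from an event trace.

Added illustration, not tria.ge code. The trace format (op|path|name|value),
the sample events and the registry/file patterns below are assumptions
chosen to mirror the signature names in the report.
"""
import re
from collections import defaultdict
from dataclasses import dataclass

# Signature names exactly as they appear in the report.
SIG_DEFENDER_RTP = "Modifies Windows Defender Real-time Protection settings"
SIG_DROPPED_EXE = "Executes dropped EXE"
SIG_BROWSER = "Reads user/profile data of web browsers"
SIG_SECURITY_MOD = "Windows security modification"
SIG_WALLET = "Accesses cryptocurrency files/wallets, possible credential harvesting"
SIG_RUN_KEY = "Adds Run key to start application"
SIG_INSTALLED_SW = "Checks installed software on the system"

# Constructed trace (not from the report): one event per line, op|path|name|value.
SAMPLE_TRACE = r"""
file_write|C:\Users\Admin\AppData\Local\Temp\svc.exe||
proc_create|C:\Users\Admin\AppData\Local\Temp\svc.exe||
reg_set|HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Updater|C:\Users\Admin\AppData\Local\Temp\svc.exe
reg_set|HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection|DisableRealtimeMonitoring|1
reg_set|HKLM\SOFTWARE\Policies\Microsoft\Windows Defender|DisableAntiSpyware|1
reg_query|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip|DisplayName|
reg_query|HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Python 3.11|DisplayName|
file_read|C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Login Data||
file_read|C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\abc.default\logins.json||
file_read|C:\Users\Admin\AppData\Roaming\Exodus\exodus.wallet\seed.seco||
file_read|C:\Windows\System32\kernel32.dll||
"""

# Registry and file patterns (assumed indicators, case-insensitive).
RUN_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(?:Once)?$", re.I)
UNINSTALL_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\", re.I)
DEFENDER_RTP_KEY = re.compile(r"\\Microsoft\\Windows Defender\\Real-Time Protection$", re.I)
DEFENDER_ROOT_KEY = re.compile(r"\\Microsoft\\Windows Defender$", re.I)
# Values under Real-Time Protection that switch a protection component off when set to 1.
RTP_VALUES = {"disablerealtimemonitoring", "disablebehaviormonitoring",
              "disableioavprotection", "disableonaccessprotection",
              "disablescanonrealtimeenable"}
BROWSER_DATA = re.compile(
    r"(?:\\(?:Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)\\User Data\\.*"
    r"\\(?:Login Data|Cookies|Web Data|History)"
    r"|\\Mozilla\\Firefox\\Profiles\\.*\\(?:logins\.json|key4\.db|cookies\.sqlite))$", re.I)
WALLET_DATA = re.compile(
    r"\\(?:Exodus|Electrum|Ethereum|Bitcoin|Atomic|Coinomi)\\|\\wallet\.dat$", re.I)


@dataclass(frozen=True)
class Event:
    op: str
    path: str
    name: str
    value: str


def parse_trace(trace: str) -> list[Event]:
    """Parse op|path|name|value lines; missing trailing fields become empty strings."""
    events = []
    for line in trace.strip().splitlines():
        parts = line.split("|", 3)
        parts += [""] * (4 - len(parts))
        events.append(Event(*parts))
    return events


def triage(trace: str) -> dict[str, list[str]]:
    """Map each report signature to the events that triggered it."""
    hits: dict[str, list[str]] = defaultdict(list)
    dropped: set[str] = set()  # executables the sample wrote to disk earlier in the trace
    for ev in parse_trace(trace):
        p = ev.path
        if ev.op == "file_write" and p.lower().endswith(".exe"):
            dropped.add(p.lower())
        elif ev.op == "proc_create" and p.lower() in dropped:
            # Stateful rule: only a process started from a file the sample itself wrote counts.
            hits[SIG_DROPPED_EXE].append(p)
        elif ev.op == "reg_set":
            detail = f"{p}\\{ev.name} = {ev.value}"
            if RUN_KEY.search(p):
                hits[SIG_RUN_KEY].append(detail)
            elif DEFENDER_RTP_KEY.search(p) and ev.name.lower() in RTP_VALUES and ev.value == "1":
                hits[SIG_DEFENDER_RTP].append(detail)
            elif DEFENDER_ROOT_KEY.search(p) and ev.name.lower() == "disableantispyware" and ev.value == "1":
                hits[SIG_SECURITY_MOD].append(detail)
        elif ev.op == "reg_query" and UNINSTALL_KEY.search(p):
            hits[SIG_INSTALLED_SW].append(p)
        elif ev.op == "file_read":
            if BROWSER_DATA.search(p):
                hits[SIG_BROWSER].append(p)
            elif WALLET_DATA.search(p):
                hits[SIG_WALLET].append(p)
    return dict(hits)


if __name__ == "__main__":
    for sig, evidence in triage(SAMPLE_TRACE).items():
        print(sig)
        for item in evidence:
            print("   ", item)
```

The dropped-EXE rule is the one worth noting: it keys on the ordering of events (a file_write followed by a proc_create of the same path), so a trace that only shows the process start will not fire it. Matching on paths alone is deliberately loose; a real rule set would also scope the file reads to processes spawned by the sample.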

MITRE ATT&CK Enterprise v6

Tasks