General

  • Target

    50edaebd6034cf875b053d3675cada5bf21f96ec4019c45c7cde63cbe878f46c

  • Size

    709KB

  • Sample

    230422-td5edahc7z

  • MD5

    963ce75948926cb51620590068063dd0

  • SHA1

    390f5b3837ac6a1719ae43b53a70740f128b1357

  • SHA256

    50edaebd6034cf875b053d3675cada5bf21f96ec4019c45c7cde63cbe878f46c

  • SHA512

    3cd14ccb9e38be45029d7341e595035055550eafa947531730db322af2ef6467e76219baa32f874c90b3cc1b4dec60e4a88d380145a188deb3c148699ee0efc6

  • SSDEEP

    12288:Yy90Lu/gpJCz/llKF9FZbRhcrE8SVYXdXdso9q3LCwnRHzn0utqwQKmxsK:YyxgpJCn+dhcrzXdXdso9g1RjdEwQKRK

Targets

    • Target

      50edaebd6034cf875b053d3675cada5bf21f96ec4019c45c7cde63cbe878f46c

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
