General

  • Target

    f7f72179c3792f8c82601df9ec44362842c408df5859cbc584adef969d1e593a

  • Size

    710KB

  • Sample

    230422-tgc5ashc8y

  • MD5

    bf9336f41885f9645bfb2ae7369f4c9f

  • SHA1

    46270d9a387fa222a55818046fd19b30a667c2a0

  • SHA256

    f7f72179c3792f8c82601df9ec44362842c408df5859cbc584adef969d1e593a

  • SHA512

    2b71f1442620a7bbe272a8b9d9424cd018fc1c4ad09c8f60c67865f28fef93feb801dcc3b2b3e646a4e07f4dc6fa1ad9843bf3d6dffdf4a31836a4aa9a370b03

  • SSDEEP

    12288:0y90A2zhVJ1pitOrckxrBu4REsVEoJ3Cw/fmzn8gtr3pmz/0t5:0yuJ6wrckBBuRsVBlfiXQS5

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
