General

  • Target

    df5636aa81be20bade6800b157c2551f11e3c60c46e1f5a951af76a0a345266e

  • Size

    559KB

  • Sample

    230422-vggcdshe3w

  • MD5

    47deaf6a29ee08f22aeb9935f9fcae39

  • SHA1

    30474e8e2ab0a91cfa32e270e5b14aa5cdb62cd1

  • SHA256

    df5636aa81be20bade6800b157c2551f11e3c60c46e1f5a951af76a0a345266e

  • SHA512

    06dfe4da830cbd95cc5b3f6f8b462fc1feb4cb2a8dc293b86d8a6f9b7bd7d71b288d634997a894ca6069103179cb4baf7bb455f3ca03ede2845c18b6704a3b1e

  • SSDEEP

    12288:Dy90dQqwVpimY4eJzG4/cF39fKMV5bBhne7Vn6Iru0iV:Dye9Epi34gkl9C6NZe7hib

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
