General

  • Target

    3073dd11c0885783e651d98f69206a709feeb7c7e20738cc015e639f0f728854

  • Size

    560KB

  • Sample

    230422-vq5rcafh32

  • MD5

    59e6e583ba0c81d01a4710d6069e8639

  • SHA1

    8593faaf1e4683f70e29a0427bdccd56e3e898a8

  • SHA256

    3073dd11c0885783e651d98f69206a709feeb7c7e20738cc015e639f0f728854

  • SHA512

    3b8f29f009831d2eaaa187cf216b7d3cc74f4785e2f3100e28ada00e3b9d224fa8cd0d7edb3f952972736899d77efb5f3462acc65b6a7a639e05c3c84a0f73a1

  • SSDEEP

    12288:ky90eBhX8awXSvGIAhKONb3s3w09SelOMQT3VcB4x:ky5Bxjw7IAsEc3w0llfay6x

Targets

    • Target

      3073dd11c0885783e651d98f69206a709feeb7c7e20738cc015e639f0f728854

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
