Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    c8843b4e6dd024af04614f047ae14bb5ab505e11a2ac8a5efce9eeace4838eb8

  • Size

    560KB

  • Sample

    230422-vv1m7afh46

  • MD5

    e50a605c292d0c62329818ac1e682997

  • SHA1

    17c9b56e8755fca3f2c3065e0f6b5f57ff59dedb

  • SHA256

    c8843b4e6dd024af04614f047ae14bb5ab505e11a2ac8a5efce9eeace4838eb8

  • SHA512

    4202a2a548c2a0b120a9a38da6363b802981e8cb52d715c371de86bc31d7dfd49780adaa991622d1d4b57db8f9b66aab23bf0c229e64ed4b1a5f6df8b298c957

  • SSDEEP

    12288:Jy90LCeIN0XNua65xj6P8I6r3V3/09SVHZkz9/2ktYB:JysRi+a5x+UTl3/0SCoB

Malware Config

Targets

    • Target

      c8843b4e6dd024af04614f047ae14bb5ab505e11a2ac8a5efce9eeace4838eb8

    • Size

      560KB

    • MD5

      e50a605c292d0c62329818ac1e682997

    • SHA1

      17c9b56e8755fca3f2c3065e0f6b5f57ff59dedb

    • SHA256

      c8843b4e6dd024af04614f047ae14bb5ab505e11a2ac8a5efce9eeace4838eb8

    • SHA512

      4202a2a548c2a0b120a9a38da6363b802981e8cb52d715c371de86bc31d7dfd49780adaa991622d1d4b57db8f9b66aab23bf0c229e64ed4b1a5f6df8b298c957

    • SSDEEP

      12288:Jy90LCeIN0XNua65xj6P8I6r3V3/09SVHZkz9/2ktYB:JysRi+a5x+UTl3/0SCoB

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks