General

  • Target

    3a6a1b5c7625a255f9d91c5a100662994b84c597a96930a7b39a0ba57f69d57c

  • Size

    697KB

  • Sample

    230422-xy22jagc86

  • MD5

    6c76878e666cdfec288996d4e11ccb89

  • SHA1

    63a7d18dd85cdcfe648f46183b0c3707b417b060

  • SHA256

    3a6a1b5c7625a255f9d91c5a100662994b84c597a96930a7b39a0ba57f69d57c

  • SHA512

    d6b41eadcaaaf3f09f76070faae303fcf46c804831642a88c521e72d37f8bc42116dc4d5f2ba4aba5e32ae26b9ec2c45625c11f7bec28f8ea6fd679cda7977ac

  • SSDEEP

    12288:Ay90mSOXAEeaS5xn6+csk+IaFvhVvJSrGtaLClihfr3a3q3:AyVSdEeaAh6+Jk+IaFJXSCtaK0fr20

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
