General

  • Target

    4ab680983e7213c18963749dd41e652db3686204c97788a1a5e6a27fa0cf25e1

  • Size

    559KB

  • Sample

    230422-zrbl4sad5v

  • MD5

    0f05d0990c9e99a3f1024b95661c2ae4

  • SHA1

    9a70844c5ca4415c5baea4c83a53cafe8178a836

  • SHA256

    4ab680983e7213c18963749dd41e652db3686204c97788a1a5e6a27fa0cf25e1

  • SHA512

    31c095e8ad441d3aaa24cb3e9cbdf172ce1648d314d5cb9b8f99e05ead046cef51806774c30f7e56ed4b6c36db6118aaaf9764df8662391f455388fe5e9b4744

  • SSDEEP

    12288:Yy90TEBszJJhqwG4ODR16uOfEcq/El54eDW6Ekr:YyhByiwKyuOcjeIkr

Targets

    • Target

      4ab680983e7213c18963749dd41e652db3686204c97788a1a5e6a27fa0cf25e1

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
