General

  • Target

    ed2693ee1396a1150f8c830313e02e8661275bce056b6ac30abc77ba3f37c015

  • Size

    704KB

  • Sample

    230423-1a1qcahe9w

  • MD5

    d195c92420a445689c6e773b3b868a5d

  • SHA1

    4fba1c422d3e0eed33a4dd3b6baa302806ff066b

  • SHA256

    ed2693ee1396a1150f8c830313e02e8661275bce056b6ac30abc77ba3f37c015

  • SHA512

    d116104258956b3de4c05d71bd7cabdaaf298efb0c4fdc0edecbd11b4c6ec0a0e46f7bdf3834f97a2ca25f39d1ea8b91789204f886ad2a2890806bfdb1919b4c

  • SSDEEP

    12288:ay90GFyk/Xh2CRH/pmuSaD14Y2iY6r9dViwucTXyhlE9I1bzC0BIzwMGu/xu2YdD:ayR/XhJRfpqu1v3r9XzxuhGEHNBIcxtp

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and form data.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks