General

  • Target

    6344236918a4a405c13f159c0b375dfade2a64d1cfabff3a7aad893b247842e2

  • Size

    564KB

  • Sample

    230423-1vblysgb69

  • MD5

    c752a12bf0fbc135d0cc3258ac3e36fc

  • SHA1

    5940326ad1129530c6f7543a0b1d4dcd0972df62

  • SHA256

    6344236918a4a405c13f159c0b375dfade2a64d1cfabff3a7aad893b247842e2

  • SHA512

    b541e1ef58b16754c1afd0eda2578442bda2a35e4e24083ecb9706f86f27432b65e6e5349c07bed2f26937524d952e6cc03839a2bd5344969c3b82b41dfe73d5

  • SSDEEP

    12288:5y90/+sMYsIZ5Qw7KdStqIzAzp03LfnMT54/sgWeGz9/j:5yYtBf7KAtBsy3LfkOizh

Targets

    • Target

      6344236918a4a405c13f159c0b375dfade2a64d1cfabff3a7aad893b247842e2

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
