General

  • Target

    f359a70c5638b7584b35f5ebd1ab288b39070c5200fd7ec18fbee661b4df32b6

  • Size

    566KB

  • Sample

    230423-hm8ydadd5s

  • MD5

    83731bd8d29dfc39a6fb2b9b10adc68a

  • SHA1

    0c3915b0b92f3cd87e4a3723c478e28d1a96cab7

  • SHA256

    f359a70c5638b7584b35f5ebd1ab288b39070c5200fd7ec18fbee661b4df32b6

  • SHA512

    0cd955932803014234ec0ecba8b6b4369e4287599cc1199af2a673de754f067ab3da547a6ae2120a901c1f05c748aab39b8403c16883ac5f5807faa9773ff971

  • SSDEEP

    12288:hy90Q0Sqn7YKp/VgWvYyT2yPF0F9miQZK8yKiYtLDv4bEnjUF:hy4vn03W/F89mi8KTkv4bVF

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
