General

  • Target

    7071546f66b8fd9147edd5a89dea1f91573876f9b0d0f9761e19f1a1dd3e86b4

  • Size

    705KB

  • Sample

    230423-k37flace26

  • MD5

    2601b2d985aa8574f182423edd67bbd3

  • SHA1

    14f25f0a1dc3550d7591d44d456bb370fa283470

  • SHA256

    7071546f66b8fd9147edd5a89dea1f91573876f9b0d0f9761e19f1a1dd3e86b4

  • SHA512

    745e6f9a807ba965a7417085b2f956e9731608433271dbbac3c3d51439f6041ccf69fa95c7d4b0912603e1b3cff7db1d26557a3045b89a7a25ba1abd2cf79843

  • SSDEEP

    12288:vy90O/VBVr656doAyeH4D8EEV3+N9sXnuRvNILSl9idONv1x+fNDY:vyVy56ZxYDaIsXuRvNILm9idONvL8NDY

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks