General

  • Target

    33356c5c95b24786f428b424ce1134df23d93f7a36b9a6b1ef65e4c3ebc9111c

  • Size

    709KB

  • Sample

    230423-m7p38ach84

  • MD5

    0f8a557c456e76d4933d93a733b695c2

  • SHA1

    f64ad195f1e01c692d314ccf42aaa6a24f875be1

  • SHA256

    33356c5c95b24786f428b424ce1134df23d93f7a36b9a6b1ef65e4c3ebc9111c

  • SHA512

    688dd2e795de616683c38d3f3b3bfaa4a439cdc1a7d6eed52febdb82491d3e60d770af272539707da0182ab15f95da25cbc57e35e8b3b09df81debb6c51cdfae

  • SSDEEP

    12288:Xy908i+sbC4NgqAQ+vaw8UY/eJ+Avuhdg2MoyzPtxWqFVTQq/dCY:XyBUC4UNJ+qQZLyLWKV/QY

Malware Config

Targets

    • Target

      33356c5c95b24786f428b424ce1134df23d93f7a36b9a6b1ef65e4c3ebc9111c

    • Modifies Windows Defender Real-time Protection settings

      Writes the Disable* policy values under Software\Policies\Microsoft\Windows Defender\Real-Time Protection, which switches off on-access scanning so that anything dropped afterwards runs unscanned. On a suspected host, check these values before assuming Defender was active.

    • Executes dropped EXE

      Launches an executable that the sample itself wrote to disk, i.e. a second stage rather than the original 709KB file.

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data, which can include saved credentials, cookies and session tokens.

    • Windows security modification

      Parent signature for registry changes that weaken built-in Windows security features; the Defender Real-time Protection change above is one instance.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      Reads wallet files or wallet application data directories, consistent with the browser-data theft above.

    • Adds Run key to start application

      Writes a value under Software\Microsoft\Windows\CurrentVersion\Run (HKCU or HKLM) so the payload is relaunched at every logon, a standard user-level persistence mechanism.

    • Checks installed software on the system

      Enumerates the Uninstall key entries in the registry (Software\Microsoft\Windows\CurrentVersion\Uninstall) to list installed software, typically to fingerprint the host or to spot security and analysis tools.
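
The signatures above are all observable from endpoint telemetry. As an added example (not part of the tria.ge report), the script below replays constructed Sysmon-style events (IDs 1, 11 and 13) and maps them to the signature names this report uses. The registry paths are the real Windows locations, but the event records, image paths and the mapping rules are this example's own assumptions, not the sandbox's detection logic.

```python
"""Replay registry and process events against the behavioural signatures
listed in this report.  Added example, not part of the tria.ge report: the
events below are constructed, the image paths are made up, and the mapping
from an event to a signature name is this example's own approximation of
the sandbox's logic, not the sandbox's rules."""
import re
from collections import defaultdict

# Real registry locations that sit behind the listed signatures.
DEFENDER_RTP = re.compile(
    r"\\Policies\\Microsoft\\Windows Defender\\Real-Time Protection\\Disable\w+$", re.I)
DEFENDER_ANY = re.compile(r"\\Microsoft\\Windows Defender\\", re.I)
RUN_KEY = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\[^\\]+$", re.I)

SIG_RTP = "Modifies Windows Defender Real-time Protection settings"
SIG_SECMOD = "Windows security modification"
SIG_RUNKEY = "Adds Run key to start application"
SIG_DROPPED = "Executes dropped EXE"


def classify(events):
    """Return {signature: [evidence, ...]} for Sysmon-style events.

    Each event is a dict with EventID plus the Sysmon fields used here:
      1  process create  -> Image
      11 file create     -> Image, TargetFilename
      13 registry set    -> Image, TargetObject, Details
    Events must be in chronological order: a dropped EXE only counts once
    the same path is later seen as a created process.
    """
    hits = defaultdict(list)
    dropped = set()  # lower-cased .exe paths written to disk by a monitored process
    for ev in events:
        eid = ev["EventID"]
        if eid == 11:
            if ev["TargetFilename"].lower().endswith(".exe"):
                dropped.add(ev["TargetFilename"].lower())
        elif eid == 1:
            if ev["Image"].lower() in dropped:
                hits[SIG_DROPPED].append(ev["Image"])
        elif eid == 13:
            target, details = ev["TargetObject"], ev.get("Details", "")
            # Sysmon renders DWORDs as "DWORD (0x00000001)"; Disable* = 1
            # switches the protection off, 0 would re-enable it and is only
            # counted as a generic security modification.
            if DEFENDER_RTP.search(target) and details.endswith("(0x00000001)"):
                hits[SIG_RTP].append(target)
                hits[SIG_SECMOD].append(target)
            elif DEFENDER_ANY.search(target):
                hits[SIG_SECMOD].append(target)
            if RUN_KEY.search(target):
                hits[SIG_RUNKEY].append(f"{target} = {details}")
    return dict(hits)


# Constructed events in the shape Sysmon would log them (not from the report).
SAMPLE = r"C:\Users\admin\AppData\Local\Temp\sample.exe"
DROPPED = r"C:\Users\admin\AppData\Roaming\svchost.exe"
HKU = r"HKU\S-1-5-21-1000-2000-3000-1001"
POLICY = r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender"
SAMPLE_EVENTS = [
    {"EventID": 13, "Image": SAMPLE, "Details": "DWORD (0x00000001)",
     "TargetObject": POLICY + r"\Real-Time Protection\DisableRealtimeMonitoring"},
    {"EventID": 13, "Image": SAMPLE, "Details": "DWORD (0x00000001)",
     "TargetObject": POLICY + r"\Real-Time Protection\DisableBehaviorMonitoring"},
    {"EventID": 13, "Image": SAMPLE, "Details": "DWORD (0x00000001)",
     "TargetObject": POLICY + r"\DisableAntiSpyware"},
    {"EventID": 11, "Image": SAMPLE, "TargetFilename": DROPPED},
    {"EventID": 13, "Image": SAMPLE, "Details": DROPPED,
     "TargetObject": HKU + r"\Software\Microsoft\Windows\CurrentVersion\Run\svchost"},
    {"EventID": 1, "Image": DROPPED},
    # Legitimate service host: same file name, but never written by the sample.
    {"EventID": 1, "Image": r"C:\Windows\System32\svchost.exe"},
    # Harmless write by Explorer, should match nothing.
    {"EventID": 13, "Image": r"C:\Windows\explorer.exe", "Details": "DWORD (0x00000001)",
     "TargetObject": HKU + r"\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden"},
]

if __name__ == "__main__":
    for sig, evidence in classify(SAMPLE_EVENTS).items():
        print(sig)
        for item in evidence:
            print("   ", item)
```

Sysmon records registry value writes but not reads, so the two enumeration signatures in the report ("Reads user/profile data of web browsers" and "Checks installed software on the system") are not reproducible from this event set; they need file-access or registry-read telemetry such as the sandbox's own API hooks.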

MITRE ATT&CK Enterprise v6

Tasks