General

  • Target

    967eb1626135ea97e1891817075d19134f9eef84a9e81acd1f2694fb52131ad7

  • Size

    1.2MB

  • Sample

    230423-ndbt6sda38

  • MD5

    fb71691177ee4d0189c64d685e0e5aef

  • SHA1

    561ba530014f98ac1a9781bab2b6caf252faad55

  • SHA256

    967eb1626135ea97e1891817075d19134f9eef84a9e81acd1f2694fb52131ad7

  • SHA512

    c475757a4d3f50079b3410a5999ffe6b0378cabe9d3255897dfe74d0739e8dd009de9279927bd2f3840359684bb699e7d38c53c1ff6819169ec32580e838416c

  • SSDEEP

    24576:bs2EkDKc0UEpRfPvnK6fkU1iPCmGafyTAqYW82xxy0hWD5UhgLany+FRsa:EkCUqivPBaAa82xo0ha2Lnya

Targets

    • Target

      967eb1626135ea97e1891817075d19134f9eef84a9e81acd1f2694fb52131ad7

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, such as saved credentials.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
