Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b60d996062d1f8ab304a751ceb3a69e4802311273c020d74be4e2d85a538d13f
-
Size
705KB
-
Sample
230423-nec4maef31
-
MD5
4f8181e74776ed9e1a4bdcdab364eba8
-
SHA1
4f0c5ba0c3f941dcdf54c7db93e1f6a22371c042
-
SHA256
b60d996062d1f8ab304a751ceb3a69e4802311273c020d74be4e2d85a538d13f
-
SHA512
1cdbd14c6e9e8655973af8fc2411d098daf3ae9fdd8f116e76cb7e6f7748474e6e2124e417c999fed8c1f99c5d9ad7e9d329702752463cfbeca7309fc1e954ac
-
SSDEEP
12288:Gy905daqWA6tuf7YZUt4xBZM5nfzQR8vLb1g23oyzPmZhedd0R7JQGf:Gygdaqv6tU6UtZ5fzI8vLbRYyGh0ChJJ
Malware Config
Targets
-
-
Target
b60d996062d1f8ab304a751ceb3a69e4802311273c020d74be4e2d85a538d13f
-
Size
705KB
-
MD5
4f8181e74776ed9e1a4bdcdab364eba8
-
SHA1
4f0c5ba0c3f941dcdf54c7db93e1f6a22371c042
-
SHA256
b60d996062d1f8ab304a751ceb3a69e4802311273c020d74be4e2d85a538d13f
-
SHA512
1cdbd14c6e9e8655973af8fc2411d098daf3ae9fdd8f116e76cb7e6f7748474e6e2124e417c999fed8c1f99c5d9ad7e9d329702752463cfbeca7309fc1e954ac
-
SSDEEP
12288:Gy905daqWA6tuf7YZUt4xBZM5nfzQR8vLb1g23oyzPmZhedd0R7JQGf:Gygdaqv6tU6UtZ5fzI8vLbRYyGh0ChJJ
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Windows security modification
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-