General

  • Target

    aa11a78d4a74859dd36133c3fffde1ae81dc6efddb29fbbbe602bcdae14ec77f

  • Size

    567KB

  • Sample

    230423-pxmw8add34

  • MD5

    11fe58514130585d3ecade74b9207d58

  • SHA1

    610cfe5788e104f2688a49d739732d24fca38a58

  • SHA256

    aa11a78d4a74859dd36133c3fffde1ae81dc6efddb29fbbbe602bcdae14ec77f

  • SHA512

    0f9cf85cda92e5a4ac0aeb4672afd759e4166c5c0a4448de11bad4fa8dbe1bd9eb746ac2bcdfb84e03e5d657c43ba4fa00d62b4bcfd3c35c9ac9a54b80fdcdb1

  • SSDEEP

    12288:+y903BwX8TYg1dX3NoRaP0Cuol4ff9PRF:+yaBwMseBiRuu0G

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
