General

  • Target

    99b6b989a63dc530504c590690728de7d98a47be5ecbff83af94a678dd7e73e9

  • Size

    566KB

  • Sample

    230423-qy6w6afc31

  • MD5

    57927773fae0de2eb20e52a06106a8b5

  • SHA1

    772e71e185ba303d433cf843a2a2a4340e3ae593

  • SHA256

    99b6b989a63dc530504c590690728de7d98a47be5ecbff83af94a678dd7e73e9

  • SHA512

    ed0d056ee660fd11a8f210e7761a372f2796efa078c5bf1c41dafbc28ffad5a6c45c8c1a594b2a1098a7de44388d651dab32fb5ce8fc9a28d4d80e84ac11a651

  • SSDEEP

    12288:Wy905uLgFSiNYDTmVUZmzdx36osHP78go3rxy:Wy+SiyDTmV9HlsggGU

Malware Config

Targets

    • Target

      99b6b989a63dc530504c590690728de7d98a47be5ecbff83af94a678dd7e73e9

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks