General

  • Target

    c8ed32257dd36616094c3a530967b1cb32ebe7403629935eb772832521a6c5b3

  • Size

    567KB

  • Sample

    230423-rdjrkafd6v

  • MD5

    6a45adbf4e77e2df6007838e802838b1

  • SHA1

    7da554b1402dd8ab8052f5bdb7a23abc59b6f540

  • SHA256

    c8ed32257dd36616094c3a530967b1cb32ebe7403629935eb772832521a6c5b3

  • SHA512

    8a3f72eeb7e3c19fc958d6366e3f8936f31a9a99f2b07fdd6b501fc14d3113d03ee27f2f4ca6b96959899cc6258e12f805836d0f4e5039461fd443f55910e21c

  • SSDEEP

    12288:Xy90MN3UfYe3xmLJLXpXX5hYWLTu6qPihIeIGDYO5tl:Xy93qKLFX/NLKniyxGDr5tl

Targets

    • Target

      c8ed32257dd36616094c3a530967b1cb32ebe7403629935eb772832521a6c5b3

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
