General

  • Target

    c6fd4bb4adf2d1a9868795c1a68399b0c38f3bf267c384ad0f023e64a29611f2

  • Size

    704KB

  • Sample

    230423-tqez9aee38

  • MD5

    bcadd94f4f288a6ecb67dc247c0ad8d6

  • SHA1

    32ab1974c7ea644a5766d04bcb73b632d9443031

  • SHA256

    c6fd4bb4adf2d1a9868795c1a68399b0c38f3bf267c384ad0f023e64a29611f2

  • SHA512

    9fa87067ac74488ec56912283cd7bedacf12279ec21f419ba8133252abe5b20769543c4fc0c54d7b1cf1d8ad17e45002b7be9ebfb99f0da01e00e5bc6d94e09f

  • SSDEEP

    12288:5y90GYSLCGjql/kDqpuWvte1i3MKhEcmiX5ivQ8IeZH:5ylYkCUO/8gcIMKqcTXoQ8IeZH

Targets

    • Target

      c6fd4bb4adf2d1a9868795c1a68399b0c38f3bf267c384ad0f023e64a29611f2

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
