General

  • Target

    0ddd2e61d94f2dda4929887701067020c066c5487b8f25e04e65173fbb92ef40

  • Size

    562KB

  • Sample

    230423-w9gpasfb82

  • MD5

    93d813664ebb81dd50757bea17860274

  • SHA1

    763bb9b9e27079f9cfa44f7a6108652be5badeee

  • SHA256

    0ddd2e61d94f2dda4929887701067020c066c5487b8f25e04e65173fbb92ef40

  • SHA512

    eca8aef508d5918fa146d291793f454d6adf008094022eeadafa9c61b0fed331042b996d4164c22c2b4fd36bdba5d5d4b4e922f53b5a51163a5e19d1f84b1e7e

  • SSDEEP

    12288:Ty9032oCRu3wH8XEfopBPL0rbeaxjarqSVUhMl:Ty6gugcXEfiBaqoerqSVl

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
