Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    a390aaaea01d1a7d8deb61709d8b68f722815dab67abd8682b722c007f2f7882

  • Size

    703KB

  • Sample

    230423-yjwfwahb6v

  • MD5

    46985f563763312cba830129a7c002eb

  • SHA1

    260b8c38fecbb4ccb97166da73136b45046d6552

  • SHA256

    a390aaaea01d1a7d8deb61709d8b68f722815dab67abd8682b722c007f2f7882

  • SHA512

    9c5727963872b1c9b42f5fc05c6a741e7605f452895c9283c4088f71b609ae5ce182200239a043d93cdf412f595b842562c5dcb0e886bb681d531c10c7c300ed

  • SSDEEP

    12288:iy90l4c8RkMf0sxmSvp0HBGlqoDWfU7t3Yr3Fy5jqEFXFD050rXea/imt65fKOj:iy/Zf8kmG0z4L7Fm05jqEFVDnOxmU5fZ

Malware Config

Targets

    • Target

      a390aaaea01d1a7d8deb61709d8b68f722815dab67abd8682b722c007f2f7882

    • Size

      703KB

    • MD5

      46985f563763312cba830129a7c002eb

    • SHA1

      260b8c38fecbb4ccb97166da73136b45046d6552

    • SHA256

      a390aaaea01d1a7d8deb61709d8b68f722815dab67abd8682b722c007f2f7882

    • SHA512

      9c5727963872b1c9b42f5fc05c6a741e7605f452895c9283c4088f71b609ae5ce182200239a043d93cdf412f595b842562c5dcb0e886bb681d531c10c7c300ed

    • SSDEEP

      12288:iy90l4c8RkMf0sxmSvp0HBGlqoDWfU7t3Yr3Fy5jqEFXFD050rXea/imt65fKOj:iy/Zf8kmG0z4L7Fm05jqEFVDnOxmU5fZ

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks