General

  • Target

    b6da63886ab7ac9aba71256db97320bc87df723bc0e05bd2ada855cb781f4ad9

  • Size

    703KB

  • Sample

    230423-yq81jshb91

  • MD5

    6585bb5d3cb98bfc047887004a391a89

  • SHA1

    114e95381d54aa8b2f4d27c289ac3dc968da3ac0

  • SHA256

    b6da63886ab7ac9aba71256db97320bc87df723bc0e05bd2ada855cb781f4ad9

  • SHA512

    58847814eabefbbe3e328ec0582c165261de371c17813aea7b886886f968fc63327cbdb279423e436378ada797aaed80113afcd11ec5b578174a3d3466e88e0b

  • SSDEEP

    12288:Ay90iaN9rTpFLNadmBJ6MlqOr1R49xizV0VFbEifIT52kMxtlscILSYrb/XFB/SM:AyA9rFFLPBJ639ozV0ViifjkMnYnrb/j

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
