Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    89b6e82967c1ae4e3fbed36194ffd3ec430aef520cffdca973fc9298df777f2b

  • Size

    1.2MB

  • Sample

    230424-1h99raef95

  • MD5

    1149bcbf5f3300ff59f7902adc9c4990

  • SHA1

    0a98993095ebcb9e9f8d04efc0377134f8c975eb

  • SHA256

    89b6e82967c1ae4e3fbed36194ffd3ec430aef520cffdca973fc9298df777f2b

  • SHA512

    63af0ddbc09c224e3a3d8395189dcb02bd8eb4cbe9b29f1e1ce4d1fae1f8c197767133a6db1c539cc702422c8259359a0e75311a667ec1cc189c334b7f3314b7

  • SSDEEP

    24576:uGxKz+TDUpS+Nmj4NGQpy6X6yzjKdFuU40KUcDL0lNp/bPm:uGMOKSUDNGQp9qKqFR4JUcDLqNp/b

Malware Config

Targets

    • Target

      89b6e82967c1ae4e3fbed36194ffd3ec430aef520cffdca973fc9298df777f2b

    • Size

      1.2MB

    • MD5

      1149bcbf5f3300ff59f7902adc9c4990

    • SHA1

      0a98993095ebcb9e9f8d04efc0377134f8c975eb

    • SHA256

      89b6e82967c1ae4e3fbed36194ffd3ec430aef520cffdca973fc9298df777f2b

    • SHA512

      63af0ddbc09c224e3a3d8395189dcb02bd8eb4cbe9b29f1e1ce4d1fae1f8c197767133a6db1c539cc702422c8259359a0e75311a667ec1cc189c334b7f3314b7

    • SSDEEP

      24576:uGxKz+TDUpS+Nmj4NGQpy6X6yzjKdFuU40KUcDL0lNp/bPm:uGMOKSUDNGQp9qKqFR4JUcDLqNp/b

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks