General

  • Target

    799c753afc25c52452ebb20a93aee59063f188440a6ff0383bdf14c3c344ed44

  • Size

    563KB

  • Sample

    230424-bbtwragh94

  • MD5

    3fba57cb8370cab0b5db9e9f03615b0d

  • SHA1

    4355589f1572e39ff630b6a74d17a8476a7bfc6b

  • SHA256

    799c753afc25c52452ebb20a93aee59063f188440a6ff0383bdf14c3c344ed44

  • SHA512

    4a1fa1356eca2f82b801229d9a2568e2bd283534822222547ef6f12d78cc4e3da444c00d48f0d96f73d65d57500ec909556cd5cadc551cd4ce18f5fad13a28c7

  • SSDEEP

    12288:Dy90CVGr7xbAu28RBnr3h5I1Qz20vTTnMRPqDa9D7X:Dy7VGr7JVfrx0cBvTD2i293X

Targets

    • Target

      799c753afc25c52452ebb20a93aee59063f188440a6ff0383bdf14c3c344ed44

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
