General

  • Target

    d12cff843e3660cb3220ba560ca058ad20dde17a75191e7347e58a749812cd4b

  • Size

    562KB

  • Sample

    230424-cre8zaah5y

  • MD5

    6882fb46b867009f8ec9118a81e9cf0c

  • SHA1

    a0224a04f6c7055d1ef3f44d03886a949c7f6218

  • SHA256

    d12cff843e3660cb3220ba560ca058ad20dde17a75191e7347e58a749812cd4b

  • SHA512

    0b57a689a954e7b6e092253793e93a8e3d395a4ca6667ef94736805f5ba40b01e79877c515f55c65db2b520b67782f3562d30d248ac548798868ec3cb451f0cf

  • SSDEEP

    12288:/y902iu5WAcHROhYDwxDbGFoinI87/cw7I2U:/ytVINkDbGGiImcCU

Targets

    • Target

      d12cff843e3660cb3220ba560ca058ad20dde17a75191e7347e58a749812cd4b

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
