General

  • Target

    4e27b11d87fb4aa0a37a042a730be4f1b772c44374efff461d596d8b8ecd5cd6

  • Size

    1.3MB

  • Sample

    230424-hg74wsbh4z

  • MD5

    1294a90a1ec43b46bf1662307ebff2ae

  • SHA1

    cd0ebb171efdfba73f6f45c48c1f372963c1cca1

  • SHA256

    4e27b11d87fb4aa0a37a042a730be4f1b772c44374efff461d596d8b8ecd5cd6

  • SHA512

    89148bf43da8780fa08ba4728c61c455185392dde4d6634ea4ddd384dd6a86d4695551767a81428e60d87f7e55fbacd4cc66d0f7827f23d58bac086270c92a1a

  • SSDEEP

    24576:kOR69vbjPC6E/ejiI631d0ALtKexAQGCFs/y6aHW+uiwEfxaQ+1NG/GtS:kOObbE2ji/1KC8ip5aQcI+t

Targets

    • Target

      4e27b11d87fb4aa0a37a042a730be4f1b772c44374efff461d596d8b8ecd5cd6

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
