General

  • Target

    2f7660858c325ac018ef17a3e9642b14eda8d53f12b5918a3eda5995579ef7a3

  • Size

    999KB

  • Sample

    230424-m171fsbd25

  • MD5

    3bcbc6b1306d0bb46163e6cb04c5cbda

  • SHA1

    ca759f50856ea5981a36f9ad2b6af7328e3f5474

  • SHA256

    2f7660858c325ac018ef17a3e9642b14eda8d53f12b5918a3eda5995579ef7a3

  • SHA512

    32019d37d8fcdb9cbf25c0aa37ec338a0fcc4e1bb344ef725bf2c792a5925d323b884f21b94785037d7b177ec18489a9c99abf60d6f3b25a953b0a5f5fc27bb5

  • SSDEEP

    12288:2y90BflAvgHXE8R1SbKxgYHdi7hcVUuYxufBxdjotWe6VEGGn50fBtHFyw:2yUAIlR42xQ7yVUuYxufzpopCgGDww

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
