General

  • Target

    c21188a00659a19d9cf548a70e003704791a356f6d61bdaecc2b8a341323a572

  • Size

    998KB

  • Sample

    230424-mqh9cabc45

  • MD5

    c93356914f6edbe1f05e6b46ca5b24c2

  • SHA1

    2849dfe18049e902abeae54bffcf258bb8d6bb2b

  • SHA256

    c21188a00659a19d9cf548a70e003704791a356f6d61bdaecc2b8a341323a572

  • SHA512

    b0200dddf742e4acef8ffe03434d11413f0b7c95224d286c6367456605d3560ff6b378219200c53aa983653618055af6d1c2c60d878f15f351bbddb4296bd668

  • SSDEEP

    24576:PyrppsSV/g+1JQJf3PtQV5NN2PjlFf8whCWztVBhMGR22/P5SP:arppdJQl3FQxchFfI4BhMin5

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
