General

  • Target

    c14b1271b459b6e09689a254d3c8cc7c0016e8c3de024723d24590cc75e739db

  • Size

    752KB

  • Sample

    230424-psqgjsdd8z

  • MD5

    41ba94944b619d14810e8bb046f3fbc0

  • SHA1

    9cdaa9ee435ed6a5d50c2c560dadf11082400de1

  • SHA256

    c14b1271b459b6e09689a254d3c8cc7c0016e8c3de024723d24590cc75e739db

  • SHA512

    144cf275d3847f7ff3c3cbb310bcb6632f238201933823c2c7eea9ec23fc6997387b779778f35ceb251e6cc1220b10cedc710d2c26aa2ee9620420cd1f5b42e4

  • SSDEEP

    12288:Ay90TDaobuQtAf4jZyilC3urW/K7Ye+KhTXnOCgOQM2:Ay62KuQWf6FW/K7YxKhTXOCGj

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
