General

  • Target

    5510c0e40556dec3d7e3055ccc0764378cc5a7c8eb59f7cf51105f49259cbbe0

  • Size

    611KB

  • Sample

    230424-t82a7sdb79

  • MD5

    b69a84d112d30e6bf067197e702cd8ba

  • SHA1

    babc1fec7a3f6a305c454e37a6fe091af1ae703e

  • SHA256

    5510c0e40556dec3d7e3055ccc0764378cc5a7c8eb59f7cf51105f49259cbbe0

  • SHA512

    d73d5db931ab5944d5ed42a619b72035c2ec6c8df8de9f2761b97c8ca223dde9ab46144490383dd98420f1ec725584cf25aea0d16e8a5dceda920bc4de8aa283

  • SSDEEP

    12288:xy90PWUSo0aQykTtTRdoyr6Aa+u+5XfSvNh7CGjho2juRPno/:xyrJo0PyMit+f5XffMO2jsPC

Malware Config

Targets

    • Target

      5510c0e40556dec3d7e3055ccc0764378cc5a7c8eb59f7cf51105f49259cbbe0

    • Size

      611KB

    • MD5

      b69a84d112d30e6bf067197e702cd8ba

    • SHA1

      babc1fec7a3f6a305c454e37a6fe091af1ae703e

    • SHA256

      5510c0e40556dec3d7e3055ccc0764378cc5a7c8eb59f7cf51105f49259cbbe0

    • SHA512

      d73d5db931ab5944d5ed42a619b72035c2ec6c8df8de9f2761b97c8ca223dde9ab46144490383dd98420f1ec725584cf25aea0d16e8a5dceda920bc4de8aa283

    • SSDEEP

      12288:xy90PWUSo0aQykTtTRdoyr6Aa+u+5XfSvNh7CGjho2juRPno/:xyrJo0PyMit+f5XffMO2jsPC

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks