General

  • Target

    50e885f00009e02e971e9c5811eb482d0b047dcabf9174df50b047af875bfb40

  • Size

    611KB

  • Sample

    230424-y93b4sgb6s

  • MD5

    56af51b6783b80fe40c252dc758b1d99

  • SHA1

    d3cbb1da1aca6bcefad2f04bbe67eba8bde8b1ec

  • SHA256

    50e885f00009e02e971e9c5811eb482d0b047dcabf9174df50b047af875bfb40

  • SHA512

    a0b01be392cbae520eda361e49c136178d49a2d7064efa543224cb37d74c0e1b41313edb6fc7c959a68d4fb6142d66ad376718a6bcdb0d23ae36c6ecc1fc13f6

  • SSDEEP

    12288:6y90pK4y6PeAKMf7Igbfm8Pv5awoY1jwq2/mcTm4GY6hI6et:6yGK4xbEgbFv5aLY10lmcSZKt

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks