General

  • Target

    7a329b0b93590a9eec42518af702296df1ef3f95dceb2fd5106f0cc578301664

  • Size

    695KB

  • Sample

    230425-1flhlsda49

  • MD5

    b41df39c86e8bbff6deb15b02db488f1

  • SHA1

    1be27cca3d1d33bc4ec2e8cc1ccb016702490ed5

  • SHA256

    7a329b0b93590a9eec42518af702296df1ef3f95dceb2fd5106f0cc578301664

  • SHA512

    5283465d5c49bc3acf412b2762478138225dce348c4335038c75dd128c885454466a9ec0ae9fdb5ac4cd1a9c7f0d8963f4eaf846b6a381d09459c9d54d81670e

  • SSDEEP

    12288:Py90G/sP6Wie07Z8o8UbIK9BiCDzax8IkqLSbZeNA2s6:PylfZ79tIK9ECk8fbZaAd6

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
