General

  • Target

    20a43c0d829e609bdae1ba53962f9ba763c61c3659f788db6d388ecb814e684b

  • Size

    695KB

  • Sample

    230425-1lhc5seh9z

  • MD5

    d4d362616a2f8d17809720991a62010a

  • SHA1

    2c2ef026cf9ceb3f4ecc035df312bfc16c8d47a8

  • SHA256

    20a43c0d829e609bdae1ba53962f9ba763c61c3659f788db6d388ecb814e684b

  • SHA512

    fb36ab95a16cf80c17e35f571fcd71b04b4f141686746bd11b87b852d92e50c49d5bcab74ad91652a9194199ae8ef6c984b9c29f0e6fd4fd710294df66c7690f

  • SSDEEP

    12288:Ny90pkASIj0uh8mP3H8xQAaXfy7vzxy7RqZSbZe+qpCoLGe:Ny9puvP3xAaUyFbZbW

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks