General

  • Target

    c187eddaa4a16be54cf3550e4b3451573eb7f6433ea15c1748bef6e81c132456

  • Size

    695KB

  • Sample

    230425-1tmmtsda98

  • MD5

    a8709c5161ec9e1e1942deac36812edb

  • SHA1

    cc95d4c90c83eb13ae4ecae8cdf4d064c1706e1b

  • SHA256

    c187eddaa4a16be54cf3550e4b3451573eb7f6433ea15c1748bef6e81c132456

  • SHA512

    1e970cfde4771230e333a2208f6e948258bc09115042b5066c02887a5fe1f875cd4cbabf2e72a0af9c95764de0ff5fb3f73402439e330c5c9f0764eb9f0a0a47

  • SSDEEP

    12288:Ty90nsYfeQySdHbMcX8nMOqQTDj7XS83XxFdOqHSbZeSN0z1QggBsv:TyOlXymHbMcoGCDjGkFsbZoCggB0

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
