General

  • Target: 9146b8cdfeb1a0700b7a19ad2f7b4da0.bin
  • Size: 522KB
  • Sample: 230425-b1tx2she8s
  • MD5: 804e5b57b411dbc2f8f7e1fcfa7259a4
  • SHA1: fee1a15cf64f0a909e889a75c88748ac29e1455a
  • SHA256: 4365aaa2fe55400997d37601d015e847777b41a3f058625b22246e1d443d9c3d
  • SHA512: c5839f4c76200d095f99e872d99411ae5698aeac91273f65cd92691872700723c32eb0806ba7526506324e67f65139bf8e01b410d915d577a95987bd8f041e58
  • SSDEEP: 12288:hl/sIAAHe8PxfVbsvCuj7ItKly0aq22vSw86REuXIfUaMkN:L/swHfVkj7/c0PdA18IsaZ

Targets

    • Target: c55c309bcd68445c253b179b160216244bed16d5ad6ef9b9d6f39e559807c547.exe
    • Size: 566KB
    • MD5: 9146b8cdfeb1a0700b7a19ad2f7b4da0
    • SHA1: c109f4459d35293a1f4f483cf2e51a6f006c7b71
    • SHA256: c55c309bcd68445c253b179b160216244bed16d5ad6ef9b9d6f39e559807c547
    • SHA512: 1b45be58080e4854f15e85b03ab8170ea60dea0e3283fa3f994c5454cc401680d750e40700949a79035937c93c98352ffba368df0eaf37cb0daf654915aa5b17
    • SSDEEP: 12288:0y90Y/KGIgM+Nay2ggoR3gGh2qPs1J1CBHsFIp1XRc:0yKGIgoyDR3wqU1J1CBHsyXRc

    Signatures

    • Modifies Windows Defender Real-time Protection settings
    • Executes dropped EXE
    • Loads dropped DLL
    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.
    • Windows security modification
    • Accesses cryptocurrency files/wallets, possible credential harvesting
    • Adds Run key to start application
    • Checks installed software on the system
      Looks up Uninstall key entries in the registry to enumerate software on the system.
