General

  • Target

    b82da5037d681f95502aea602dcb13a87ac538274adb500dc7df51fc4fbff2a0

  • Size

    746KB

  • Sample

    230425-d33dbaaa4v

  • MD5

    2778d9a56bc7d06a899d3b173b435615

  • SHA1

    7d9ebea827ebdfab87c31593e5632da55dbdcc29

  • SHA256

    b82da5037d681f95502aea602dcb13a87ac538274adb500dc7df51fc4fbff2a0

  • SHA512

    3b4132186cd06ba556c48c40e8b4d36e55cb5734b1cbd3742e4e5942f93da2a60b0a91fd8a0fc2155e70693c4d49208f45c2e949c525b7d6415cb4470115cf4f

  • SSDEEP

    12288:ty90/5NRCgtbdGKrhoF4gqn27aYZEk/VStq9oABtnXBfLxdxeOaB:tyy5zltbrhoFm8a6otZgnX1LxdxeOa

Malware Config

Targets

    • Target

      b82da5037d681f95502aea602dcb13a87ac538274adb500dc7df51fc4fbff2a0

    • Size

      746KB

    • MD5

      2778d9a56bc7d06a899d3b173b435615

    • SHA1

      7d9ebea827ebdfab87c31593e5632da55dbdcc29

    • SHA256

      b82da5037d681f95502aea602dcb13a87ac538274adb500dc7df51fc4fbff2a0

    • SHA512

      3b4132186cd06ba556c48c40e8b4d36e55cb5734b1cbd3742e4e5942f93da2a60b0a91fd8a0fc2155e70693c4d49208f45c2e949c525b7d6415cb4470115cf4f

    • SSDEEP

      12288:ty90/5NRCgtbdGKrhoF4gqn27aYZEk/VStq9oABtnXBfLxdxeOaB:tyy5zltbrhoFm8a6otZgnX1LxdxeOa

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks