Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    3d1cba5c8fe9cfa6d8d906db8804fc47d831c4c075af2a98b5b91a6bb506c689

  • Size

    746KB

  • Sample

    230425-d7w24agc45

  • MD5

    e5974f2bd53dada43315897b7c694400

  • SHA1

    995bfd4cd02a73bda54a534cb86ac08fb5f3a038

  • SHA256

    3d1cba5c8fe9cfa6d8d906db8804fc47d831c4c075af2a98b5b91a6bb506c689

  • SHA512

    4831760f789a12c18f257d4b548f2748a68fbc2b04b07d1511d22bcede80736f515850f329ec5bffefdc87068d9e05f0fb894203d3a3e60f68ecdeb3dcb612c4

  • SSDEEP

    12288:uy90yejPqj4YKMQSZEZZKDhvapvYEu4B+k6BVYm9yIBtQXROsVgJqR0N:uyWSjNKMAZ0GYbloYQXNVoqm

Malware Config

Targets

    • Target

      3d1cba5c8fe9cfa6d8d906db8804fc47d831c4c075af2a98b5b91a6bb506c689

    • Size

      746KB

    • MD5

      e5974f2bd53dada43315897b7c694400

    • SHA1

      995bfd4cd02a73bda54a534cb86ac08fb5f3a038

    • SHA256

      3d1cba5c8fe9cfa6d8d906db8804fc47d831c4c075af2a98b5b91a6bb506c689

    • SHA512

      4831760f789a12c18f257d4b548f2748a68fbc2b04b07d1511d22bcede80736f515850f329ec5bffefdc87068d9e05f0fb894203d3a3e60f68ecdeb3dcb612c4

    • SSDEEP

      12288:uy90yejPqj4YKMQSZEZZKDhvapvYEu4B+k6BVYm9yIBtQXROsVgJqR0N:uyWSjNKMAZ0GYbloYQXNVoqm

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks