General

  • Target

    6d88abf20a98acdfcce7f6acce07abe894d33fcf0192d701a6d3b8df9c70341c

  • Size

    746KB

  • Sample

    230425-eppqqsgd33

  • MD5

    51dc7c6d56f9a2a738bdc55dcfe0e916

  • SHA1

    b787c970f9542d8158b7170b679dd1bb0e5334ec

  • SHA256

    6d88abf20a98acdfcce7f6acce07abe894d33fcf0192d701a6d3b8df9c70341c

  • SHA512

    a861929286112ebd6b2a0d56a4dd271402e41faf01f3b8cb906813150f7e7064ae10b6f3072688fcb023844ce480e7cd7a8d55d7ce279b69ff67d6841b9ae923

  • SSDEEP

    12288:Cy90qOiQKB2HYFpMcxkPxg34YyP7scXrMIZt3JDi960BtPXSQBt0/aO1xfr:CyJ5Qxg+rPx0457scXrv9RnMPXSQBtCH

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
