General

  • Target

    78ce8fb313e4d504c8987f19ff57b434f3673437c51aff121ca07286feb6552a

  • Size

    701KB

  • Sample

    230425-gpmmgsae71

  • MD5

    20893eab8201e5ee1a02927d50cd835e

  • SHA1

    7887d946de1e76746fecc338e6cd5d265045597e

  • SHA256

    78ce8fb313e4d504c8987f19ff57b434f3673437c51aff121ca07286feb6552a

  • SHA512

    4d726e18cc94b156d7e36d0b6adbb1853a92f42f48e482c30e996b6ce44b7f1f4af183e778ac7e16b4bb0228c63495195aa498e5070ac8639b50acd6a542f929

  • SSDEEP

    12288:9y90IL2bOi/cXXv/qjTYF541KZ0fCLk4c8Xf1M913kyEG28o9wa9wNVGl5PzanB8:9yabOlHHwTPKZHfcaGuwesiGRG

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks