General

  • Target

    d48d0454f6c2f40e692f6d644cd393e83be08a2df3cb59b2868b629c5666224f

  • Size

    700KB

  • Sample

    230425-jf78yahb63

  • MD5

    8854f6853b903a7c43391d50ec3ee04c

  • SHA1

    28171ec16e7ccbe35daa66106b0aecf35ad8bff3

  • SHA256

    d48d0454f6c2f40e692f6d644cd393e83be08a2df3cb59b2868b629c5666224f

  • SHA512

    8a050c5dafca7ae03649a7dc4715cb93a57a71be88e6a36c02bee6a11b89596c27cdac2fcf242e9825241981af5b6df39e0274f67b6bb5e1e749b2c517f97e8d

  • SSDEEP

    12288:0y90pne1uwWpRkKB96VRy9EJCtEG24o9wU0Wa2ORlgkOI:0yKne1a2/GewTp7POI

Targets

    • Target

      d48d0454f6c2f40e692f6d644cd393e83be08a2df3cb59b2868b629c5666224f

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
