General

  • Target

    c942d4ab3687a71706558cdc35eb348b71fb49fc5acc29812cc0e9694eb0553c

  • Size

    694KB

  • Sample

    230425-qlvncscd3x

  • MD5

    6ecf96cf587d07a5ddb15fad7714ef93

  • SHA1

    c0442e36bf6da21626542f76f2e62565a6b305fa

  • SHA256

    c942d4ab3687a71706558cdc35eb348b71fb49fc5acc29812cc0e9694eb0553c

  • SHA512

    fbff217f77e29f5eadaaa261250b04ab6333b49a90907f649d3aed7b4b474ef722c02b4ddc26053dcf74b0b95a6cee7e25b7f5902e60b3a6bb67c9a75d22237f

  • SSDEEP

    12288:iy902u7FLbAdk71oaRa8jDh5V/TNKtUgFD5UboWr2/AskaGOjUe5vleu2KT9oK+z:iyRUFha8zBTNOUgFD5fVGOjUKWKTyKEt

Targets

    • Target

      c942d4ab3687a71706558cdc35eb348b71fb49fc5acc29812cc0e9694eb0553c

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
