General

  • Target

    9fa999bab772a695af756caf2522a79f81b5f58542603860d9bc4c57c60a8f24

  • Size

    1.1MB

  • Sample

    230425-qy7hpacd8s

  • MD5

    e9746f35cb21b930c22454c671a372a5

  • SHA1

    305d7628f5195baafa7bd846beaa1a9d6bc0844b

  • SHA256

    9fa999bab772a695af756caf2522a79f81b5f58542603860d9bc4c57c60a8f24

  • SHA512

    0819b1824b173431a1b2233ab9231bb87051957be1e8a3032ebd580e82e4736d55df3ea7c8c46a91d4353839caba8285974a203930544161f9a99b181d59a84e

  • SSDEEP

    24576:JyKWwKJMHRiPmNbChp8ag1HtRWuWQgcqFFjUeN7ERU5WKAB8vWV5:8jJqRiOaW9/W9LHdN7ERU1VvW

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
