Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    5d04c1519526002652f8091ccdae6e45ee3c26f784e78ab5c034e68c6f520ca9

  • Size

    1.1MB

  • Sample

    230425-t25eaabe46

  • MD5

    a7f2e4db72a4288a73b4378b5c889c44

  • SHA1

    3c717fdcdf81192fd5435e351f2dc9d505058304

  • SHA256

    5d04c1519526002652f8091ccdae6e45ee3c26f784e78ab5c034e68c6f520ca9

  • SHA512

    c2f895a6c2d6c3bb5124d9231e2ab4fa8c6d00095abfbe81a41969ce87b07c48f14d02dacf850cfc0d3b44b42132d050bfc05143d2c6ad36c2a98e194feaaafa

  • SSDEEP

    24576:6yUyowZTKloLiXcUxQ7kH2WCvc06ks11y74+DueJqdW:BUZMhIWWCvcxkm+Dzqd

Malware Config

Targets

    • Target

      5d04c1519526002652f8091ccdae6e45ee3c26f784e78ab5c034e68c6f520ca9

    • Size

      1.1MB

    • MD5

      a7f2e4db72a4288a73b4378b5c889c44

    • SHA1

      3c717fdcdf81192fd5435e351f2dc9d505058304

    • SHA256

      5d04c1519526002652f8091ccdae6e45ee3c26f784e78ab5c034e68c6f520ca9

    • SHA512

      c2f895a6c2d6c3bb5124d9231e2ab4fa8c6d00095abfbe81a41969ce87b07c48f14d02dacf850cfc0d3b44b42132d050bfc05143d2c6ad36c2a98e194feaaafa

    • SSDEEP

      24576:6yUyowZTKloLiXcUxQ7kH2WCvc06ks11y74+DueJqdW:BUZMhIWWCvcxkm+Dzqd

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks