Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    a025f265e0e86ad71b00b3c6b14214dfd900e0812571adfc7a4c5e1a99105c5c

  • Size

    695KB

  • Sample

    230425-w6bc4scc56

  • MD5

    6c097f3a8c5fb3e992de5eced411343d

  • SHA1

    2d711b14af8a1770dba20d90bd29bfaa6ec42a85

  • SHA256

    a025f265e0e86ad71b00b3c6b14214dfd900e0812571adfc7a4c5e1a99105c5c

  • SHA512

    ad6fe6eb7ac7da6ee3177c6dee9d11790e9efd8761ff550945ab9043325992c85fac492dcd899545e25847d1c917dd45bdbf9570edad70892272d3a51a3d2c81

  • SSDEEP

    12288:5vy90b5xkHwi3M1MFtzr2IrSYhApGYemqlniBVdUN0cRKbPFaBmCEv0f2:1yV181MFtQYh9YrqlcdUe7bw7f2

Malware Config

Targets

    • Target

      a025f265e0e86ad71b00b3c6b14214dfd900e0812571adfc7a4c5e1a99105c5c

    • Size

      695KB

    • MD5

      6c097f3a8c5fb3e992de5eced411343d

    • SHA1

      2d711b14af8a1770dba20d90bd29bfaa6ec42a85

    • SHA256

      a025f265e0e86ad71b00b3c6b14214dfd900e0812571adfc7a4c5e1a99105c5c

    • SHA512

      ad6fe6eb7ac7da6ee3177c6dee9d11790e9efd8761ff550945ab9043325992c85fac492dcd899545e25847d1c917dd45bdbf9570edad70892272d3a51a3d2c81

    • SSDEEP

      12288:5vy90b5xkHwi3M1MFtzr2IrSYhApGYemqlniBVdUN0cRKbPFaBmCEv0f2:1yV181MFtQYh9YrqlcdUe7bw7f2

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks