General

  • Target

    e3cc900664418e839d1c2c7684f75aa8e50afa3b367b8b2b0c3bf7b2d115baf8

  • Size

    695KB

  • Sample

    230425-wc68paca63

  • MD5

    5455061b8e9507ceb125e715919062fd

  • SHA1

    d988671f80062006b1d1c61701a13d6ef069eeba

  • SHA256

    e3cc900664418e839d1c2c7684f75aa8e50afa3b367b8b2b0c3bf7b2d115baf8

  • SHA512

    a51a7a6a86a90b9e36362514f005f9e9f1c80c26fa6a1841c3f3b41c25475ffa8a7753836ed44d2440fecb29952260cb227b6e090de2f6749f424d9277ee9a5e

  • SSDEEP

    12288:xy903KNwvnOc9E9mCDPAwi46P9W8g89ppreUPcdC54dV45VNU73/CHxyr:xyT2OKE9LDG4CEo/GD/0NU7322

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks