Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d8367777c05a8973d1ec20f2bf9c0d9908fbae476259209f93e90f7c0ea39e25
-
Size
695KB
-
Sample
230425-xwsebaec7z
-
MD5
2fda2bbfa6c8b693d069b2acc099195c
-
SHA1
5ed21d32853c79a205001c52091a6ee62f8e8cf3
-
SHA256
d8367777c05a8973d1ec20f2bf9c0d9908fbae476259209f93e90f7c0ea39e25
-
SHA512
a927be850ad44834bf170df47252780f1cd43db92c4a3130af2e3932d600b0f48f257045829ac286ebc6f6aa70e5b8e4468fd0cfbe40082beb1d3073f05235eb
-
SSDEEP
12288:+y90pQ2ToWFVRL0L2NoFhMdzpw1HqlniLVdUN0cRgbPZiBQuyWNYGQ8hCg:+yGTo0Vd0kmhMdzGHqlCdUeXbuNOI
Malware Config
Targets
-
-
Target
d8367777c05a8973d1ec20f2bf9c0d9908fbae476259209f93e90f7c0ea39e25
-
Size
695KB
-
MD5
2fda2bbfa6c8b693d069b2acc099195c
-
SHA1
5ed21d32853c79a205001c52091a6ee62f8e8cf3
-
SHA256
d8367777c05a8973d1ec20f2bf9c0d9908fbae476259209f93e90f7c0ea39e25
-
SHA512
a927be850ad44834bf170df47252780f1cd43db92c4a3130af2e3932d600b0f48f257045829ac286ebc6f6aa70e5b8e4468fd0cfbe40082beb1d3073f05235eb
-
SSDEEP
12288:+y90pQ2ToWFVRL0L2NoFhMdzpw1HqlniLVdUN0cRgbPZiBQuyWNYGQ8hCg:+yGTo0Vd0kmhMdzGHqlCdUeXbuNOI
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Windows security modification
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-