General

  • Target

    49a39ac2764ebffc961c94b7f933d383831a63968b1e430899a4189a023909b7

  • Size

    1.1MB

  • Sample

    230425-yp5lqsee6y

  • MD5

    66902c8649ba32787dfd2c999a21b81e

  • SHA1

    9fa241124fdef8d3838feb616673dbbeb022b563

  • SHA256

    49a39ac2764ebffc961c94b7f933d383831a63968b1e430899a4189a023909b7

  • SHA512

    42d756e7872c6a3ef7523a198d3716d5e88c22125c419aa9338b1e0458a45643609e3aa4c39dea8f3f24e4721ced0f0760ddaf5a77681e53ff1159353d98eb59

  • SSDEEP

    24576:7yNFZsr4KQ6x727BTjBjTP59reIiIQ3+1QdypbwQowGCjE:uNzgrmTyortwQjP

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks