General

  • Target

    84156a91bb68398a6bde740f94446d774a808a4eb648d497bd1ba8e996daa661

  • Size

    694KB

  • Sample

    230426-bpr93sgb2v

  • MD5

    7f459715b172300a05782becba49c643

  • SHA1

    c38b3af3ce9a431588fe79d3e57a1ee0fa193cd3

  • SHA256

    84156a91bb68398a6bde740f94446d774a808a4eb648d497bd1ba8e996daa661

  • SHA512

    9179ae06807b494d703f7fad4393142f884c7a64fbcfb61d3f75ceaebc88eaa5faa18232e8a63f1a06ec9b8d815cc41463546463707fd74d7cd084be61656391

  • SSDEEP

    12288:Qy90bLDJWAbJ8d9wOFTJ1xrtYEwWy6Fd18bSKfA+fWafXZ:QyALDJFolFPxrt7Q6Fd18bSQX

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
