General

  • Target: db5e0a7d7dda10e8498b04b515ea83beffdd8d8a991347a4295d4e4a18864836
  • Size: 642KB
  • Sample: 230426-e96jzsfb36
  • MD5: 2970144e68a0affa649b571c9d555ec8
  • SHA1: 578fe9a657c5103e01c1996a7bb848a2318837ad
  • SHA256: db5e0a7d7dda10e8498b04b515ea83beffdd8d8a991347a4295d4e4a18864836
  • SHA512: 3a7cb96f9a9621bf3f244a41e9b4f18f2b2819b15008849d2ea37fd96591fe36495df3576ff473b61156af486daadd11ccf97596fcfb8908734e2d35dca55575
  • SSDEEP: 12288:/y90D2KUA2tWHhRj9nYlVtB1JiXvlHqWW6jI1qbPK3A+1UQS+VRC:/yC2KhtHfj+b1Evt66jI1qbPorUQJVRC

Malware Config

Targets

    • Target: db5e0a7d7dda10e8498b04b515ea83beffdd8d8a991347a4295d4e4a18864836
    • Size: 642KB
    • MD5: 2970144e68a0affa649b571c9d555ec8
    • SHA1: 578fe9a657c5103e01c1996a7bb848a2318837ad
    • SHA256: db5e0a7d7dda10e8498b04b515ea83beffdd8d8a991347a4295d4e4a18864836
    • SHA512: 3a7cb96f9a9621bf3f244a41e9b4f18f2b2819b15008849d2ea37fd96591fe36495df3576ff473b61156af486daadd11ccf97596fcfb8908734e2d35dca55575
    • SSDEEP: 12288:/y90D2KUA2tWHhRj9nYlVtB1JiXvlHqWW6jI1qbPK3A+1UQS+VRC:/yC2KhtHfj+b1Evt66jI1qbPorUQJVRC

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks