General

  • Target

    a9c76860bd594326d7617159c72fc405fd8a4ba8d49fde6091d7999d42ce665c

  • Size

    1.1MB

  • Sample

    230426-eaachagf6x

  • MD5

    3562a54bd30f2335db72532078ddad3d

  • SHA1

    341794ef7b9f8ed8e69332ca4ade0dfca1450a58

  • SHA256

    a9c76860bd594326d7617159c72fc405fd8a4ba8d49fde6091d7999d42ce665c

  • SHA512

    800f63d26d8e48ed5d2846dc9d3cfba0c2492b2cda6a759d1ffb1466ade88f3579396e5e678d7a2fa58fd36192ee9bef0667f88fed45088853ae3c215186003c

  • SSDEEP

    24576:UyVtH6Ddi44S25tdPxpMiDYX6Ffp8b973SISS0:jzOT+thxprDbf+JmI

Malware Config

Targets

    • Target

      a9c76860bd594326d7617159c72fc405fd8a4ba8d49fde6091d7999d42ce665c

    • Modifies Windows Defender Real-time Protection settings

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing (the sample can refuse to run in certain regions).

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and autofill entries.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.
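The signatures above that involve registry writes (disabling Defender real-time protection, the generic Windows security modification, and the Run key persistence) can be re-detected on a real host from Sysmon Event ID 13 (RegistryEvent, value set). The block below is an added example, not part of the tria.ge report and not the sample's own code: it maps constructed Sysmon-style events onto the report's signature names. The process image paths, SID and value names in the sample events are made up for illustration; the registry locations themselves (the Windows Defender Real-Time Protection policy values, the Windows Defender policy root, and the CurrentVersion\Run / RunOnce keys) are the real ones. The read-only behaviours in the report (country-code lookup, Uninstall key enumeration, browser and wallet file access) do not produce value-set events, so they are out of scope here.

```python
"""Map Sysmon Event ID 13 (registry value set) records onto the sandbox
signatures listed above. Added example; events are constructed inline."""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class RegEvent:
    image: str    # process that wrote the value (Sysmon 'Image')
    target: str   # key path plus value name (Sysmon 'TargetObject')
    details: str  # new data as Sysmon renders it (Sysmon 'Details')


# Constructed events in Sysmon's HKLM\ / HKU\<SID>\ path style.
# Image paths, the SID and the value name 'updater' are hypothetical.
SAMPLE_EVENTS = [
    # malware disables real-time monitoring via the policy key
    RegEvent(r"C:\Users\user\AppData\Roaming\updater.exe",
             r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring",
             "DWORD (0x00000001)"),
    # malware adds a per-user Run key pointing into AppData
    RegEvent(r"C:\Users\user\AppData\Roaming\updater.exe",
             r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\updater",
             r"C:\Users\user\AppData\Roaming\updater.exe"),
    # malware turns Defender off entirely at the policy root
    RegEvent(r"C:\Users\user\AppData\Roaming\updater.exe",
             r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\DisableAntiSpyware",
             "DWORD (0x00000001)"),
    # benign: an installer writing its Uninstall entry
    RegEvent(r"C:\Windows\System32\msiexec.exe",
             r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A1B2C3D4}\DisplayName",
             "Example Product"),
    # benign: Defender itself re-enabling real-time monitoring (value 0)
    RegEvent(r"C:\Program Files\Windows Defender\MsMpEng.exe",
             r"HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring",
             "DWORD (0x00000000)"),
]

_DWORD = re.compile(r"DWORD \((0x[0-9A-Fa-f]{8})\)")
# Any Disable* value under Real-Time Protection (policy or live key).
RT_PROT = re.compile(r"\\Windows Defender\\Real-Time Protection\\Disable\w+$", re.I)
# Disable* values directly under the Defender policy root, e.g. DisableAntiSpyware.
DEFENDER_POLICY = re.compile(r"\\Policies\\Microsoft\\Windows Defender\\Disable\w+$", re.I)
RUN_KEY = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\[^\\]+$", re.I)
USER_WRITABLE = re.compile(r"\\(AppData|Temp|ProgramData|Public)\\", re.I)


def dword(details: str):
    """Return the integer value of a Sysmon 'DWORD (0x........)' string, else None."""
    m = _DWORD.fullmatch(details)
    return int(m.group(1), 16) if m else None


def classify(ev: RegEvent) -> list:
    """Return the report signature names a single value-set event matches."""
    hits = []
    # A Disable* value written as 0 is a re-enable, not tampering, so require non-zero.
    if RT_PROT.search(ev.target) and (dword(ev.details) or 0) != 0:
        hits.append("Modifies Windows Defender Real-time Protection settings")
    if DEFENDER_POLICY.search(ev.target) and (dword(ev.details) or 0) != 0:
        hits.append("Windows security modification")
    if RUN_KEY.search(ev.target):
        hits.append("Adds Run key to start application")
        # Persistence that launches from a user-writable directory is the
        # usual shape for dropped executables; flag it separately.
        if USER_WRITABLE.search(ev.details):
            hits.append("Run key points into a user-writable directory")
    return hits


def triage(events) -> dict:
    """Aggregate signature name -> list of writing process images."""
    report = {}
    for ev in events:
        for sig in classify(ev):
            report.setdefault(sig, []).append(ev.image)
    return report


if __name__ == "__main__":
    for sig, images in triage(SAMPLE_EVENTS).items():
        print(f"{sig}: {sorted(set(images))}")
```

The value-zero check matters in practice: Defender and management tooling legitimately rewrite these values when protection is turned back on, and a rule that fires on any write to DisableRealtimeMonitoring will page on those as well.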

MITRE ATT&CK Enterprise v6

Tasks