General

  • Target

    c96daa6f7b8ef6b94885b7a75143fbc248f4409246d41dd0479ce343889d4a52

  • Size

    694KB

  • Sample

    230426-ftmydafb88

  • MD5

    8ae5aef7737d7024cbfaeba4c3aad5ff

  • SHA1

    f579e1f6e7e252aff037ad94771da07bdc35c8f3

  • SHA256

    c96daa6f7b8ef6b94885b7a75143fbc248f4409246d41dd0479ce343889d4a52

  • SHA512

    0d35d6b37f87b7aa1f39f75c807c9cb420771576d9a7004300ce2e08e767d1dcecf7a87e423a29af6207b799e3d114524a9ad867bb01d384a44d388eb5af4e76

  • SSDEEP

    12288:/y90vaft1Piqz0EPk6FCwpFTeQFRQ716WD6Fq18bwKTA+9Ga275jZpg+5:/y2Y3Piqz0qkRoFFFRwv6Fq18bw4nw5v

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
