General

  • Target

    6c573073217cf732b0e920c06d0c249ae4d8aed303601aef5af7902eea1679f3

  • Size

    1.1MB

  • Sample

    230426-l67ffagf53

  • MD5

    c04a1c92da4d4576893e67a3a8de5d47

  • SHA1

    df776b61c628efff86d38103977815ed5756cc02

  • SHA256

    6c573073217cf732b0e920c06d0c249ae4d8aed303601aef5af7902eea1679f3

  • SHA512

    62069e734247e97338bc3cdb0a17a630343e1c9efeef8e92c141a0b475d6c6286c467da079d137e792553029bff9f4f24570568ccab7af9d4a7aea4c11b4c2fc

  • SSDEEP

    24576:7yUEMdep+DWwiCgSDecwPSSS/HY0q+mMZjy7meoXL12kCoOpv:uFMdpWwiCgSzwaPJ3jy6sWq

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
