Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    fb113ffa658f6479ead5786069f84583c2c101ace103deb193c90be34d48b31e

  • Size

    697KB

  • Sample

    230426-m6axxagg99

  • MD5

    a7eef0d57b1cabbd1ec7db966fbd44df

  • SHA1

    b7e1326332a8532ffeea9cfb90b87c01ae7a9134

  • SHA256

    fb113ffa658f6479ead5786069f84583c2c101ace103deb193c90be34d48b31e

  • SHA512

    a38c870e049845d609e4f7203848ee8e040b457d303e1e56b6f9fe636c830661abae71dc1b6dccecd2f3ac452b8d30a2ca0229204363c2547c21da9cc9eecf0b

  • SSDEEP

    12288:my9024wQW+0AWA1ClRzNZQ31a/eL7vqI+MdhhFJQ3ZRhuKH/0iDDe7VFY:myN4K+0rldg1a/yHhFJUjls8e7VFY

Malware Config

Targets

    • Target

      fb113ffa658f6479ead5786069f84583c2c101ace103deb193c90be34d48b31e

    • Size

      697KB

    • MD5

      a7eef0d57b1cabbd1ec7db966fbd44df

    • SHA1

      b7e1326332a8532ffeea9cfb90b87c01ae7a9134

    • SHA256

      fb113ffa658f6479ead5786069f84583c2c101ace103deb193c90be34d48b31e

    • SHA512

      a38c870e049845d609e4f7203848ee8e040b457d303e1e56b6f9fe636c830661abae71dc1b6dccecd2f3ac452b8d30a2ca0229204363c2547c21da9cc9eecf0b

    • SSDEEP

      12288:my9024wQW+0AWA1ClRzNZQ31a/eL7vqI+MdhhFJQ3ZRhuKH/0iDDe7VFY:myN4K+0rldg1a/yHhFJUjls8e7VFY

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks