General

  • Target

    fb113ffa658f6479ead5786069f84583c2c101ace103deb193c90be34d48b31e

  • Size

    697KB

  • Sample

    230426-m6axxagg99

  • MD5

    a7eef0d57b1cabbd1ec7db966fbd44df

  • SHA1

    b7e1326332a8532ffeea9cfb90b87c01ae7a9134

  • SHA256

    fb113ffa658f6479ead5786069f84583c2c101ace103deb193c90be34d48b31e

  • SHA512

    a38c870e049845d609e4f7203848ee8e040b457d303e1e56b6f9fe636c830661abae71dc1b6dccecd2f3ac452b8d30a2ca0229204363c2547c21da9cc9eecf0b

  • SSDEEP

    12288:my9024wQW+0AWA1ClRzNZQ31a/eL7vqI+MdhhFJQ3ZRhuKH/0iDDe7VFY:myN4K+0rldg1a/yHhFJUjls8e7VFY

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
