General

  • Target

    92177daeb2132961078300e75e80fad12331299c77f12b269fa037d89fa52e1f

  • Size

    694KB

  • Sample

    230426-n5s8jaba2t

  • MD5

    b5d1b8bee757a40c9ad4052616a1afa9

  • SHA1

    3adc8e0c96393937206455aa6b5c85262d348ffd

  • SHA256

    92177daeb2132961078300e75e80fad12331299c77f12b269fa037d89fa52e1f

  • SHA512

    53564fee73bd807ef77e27406895b256740a6747b10e2a0785d67c6455cb97db09fc5f154bf378525e0708759a87b360f662055bad519c876ae10a4e10c8c7a9

  • SSDEEP

    12288:Ey90OU6dtdyMK/bd16ouYXcwv9AK1gmSQNZRhuVHc0iDMe76iBKWwB:EyZU6q/Z16Oci9p+mSWjid7e76iBr+

Targets

    • Target

      92177daeb2132961078300e75e80fad12331299c77f12b269fa037d89fa52e1f

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
