General

  • Target

    055e31a5dac59ecc5f5204c297be02b4a5be5f6f45720ba657000bb8e7243daa

  • Size

    1.1MB

  • Sample

    230426-t8a41saf26

  • MD5

    39822808b83d230a31e5de6165e32935

  • SHA1

    5030344cc1b41a3348446a7e03bea45368a3a8d0

  • SHA256

    055e31a5dac59ecc5f5204c297be02b4a5be5f6f45720ba657000bb8e7243daa

  • SHA512

    b41537e69187f82ab97460d8948556718768539b83250b88d2015a78955988e7957566766daee71f2bc3b41d1f4c23fd5fc54ba824798878aae6706ecba973ec

  • SSDEEP

    12288:uy90ABCW5ynnzWnu+ItCxmWfLG3xvVk6u1KroXE30wI0Z+9a/g2RG7FJjOOWFAtK:uyzT5qnzCPczjMXEY0kDOQOlIw9tV9r

Targets

    • Target

      055e31a5dac59ecc5f5204c297be02b4a5be5f6f45720ba657000bb8e7243daa

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
