Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    055e31a5dac59ecc5f5204c297be02b4a5be5f6f45720ba657000bb8e7243daa

  • Size

    1.1MB

  • Sample

    230426-t8a41saf26

  • MD5

    39822808b83d230a31e5de6165e32935

  • SHA1

    5030344cc1b41a3348446a7e03bea45368a3a8d0

  • SHA256

    055e31a5dac59ecc5f5204c297be02b4a5be5f6f45720ba657000bb8e7243daa

  • SHA512

    b41537e69187f82ab97460d8948556718768539b83250b88d2015a78955988e7957566766daee71f2bc3b41d1f4c23fd5fc54ba824798878aae6706ecba973ec

  • SSDEEP

    12288:uy90ABCW5ynnzWnu+ItCxmWfLG3xvVk6u1KroXE30wI0Z+9a/g2RG7FJjOOWFAtK:uyzT5qnzCPczjMXEY0kDOQOlIw9tV9r

Malware Config

Targets

    • Target

      055e31a5dac59ecc5f5204c297be02b4a5be5f6f45720ba657000bb8e7243daa

    • Size

      1.1MB

    • MD5

      39822808b83d230a31e5de6165e32935

    • SHA1

      5030344cc1b41a3348446a7e03bea45368a3a8d0

    • SHA256

      055e31a5dac59ecc5f5204c297be02b4a5be5f6f45720ba657000bb8e7243daa

    • SHA512

      b41537e69187f82ab97460d8948556718768539b83250b88d2015a78955988e7957566766daee71f2bc3b41d1f4c23fd5fc54ba824798878aae6706ecba973ec

    • SSDEEP

      12288:uy90ABCW5ynnzWnu+ItCxmWfLG3xvVk6u1KroXE30wI0Z+9a/g2RG7FJjOOWFAtK:uyzT5qnzCPczjMXEY0kDOQOlIw9tV9r

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.