General

  • Target

    1749787b426b25e1ad3a8cc838b6201b8e7c151f443ab5f27c96118cd3f24370

  • Size

    589KB

  • Sample

    230504-l3ntxsdc9z

  • MD5

    46befae2e1f40094aab59e2f43392f9f

  • SHA1

    e3f1c6bcbd38c01a9992259be3a79116dfc5265c

  • SHA256

    1749787b426b25e1ad3a8cc838b6201b8e7c151f443ab5f27c96118cd3f24370

  • SHA512

    0742aafc5a7b62af1e31baec7cf8c549b549ca67dc49ce72780ad50e2bccc684003f4ee5fcf8cabd611c52b63c3ea6f0b8c03d2fad1e64cc6effda81f448b2f2

  • SSDEEP

    12288:4MrLy902VxTWc0A966iHstnIPVoi9l1X6J7nDavqlOJ:zyJxQr6iHaIP+olsdDa5J

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
