Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
85668e50e43c6e8092232db81eb943a9e30f12eb540017a3283428949b164a45
-
Size
712KB
-
Sample
230504-sp7s7sdc75
-
MD5
2cf9032670f193d7ff08bfdcd8700485
-
SHA1
93d6d68d4e6fb8e0e30c6116bd23cff208274955
-
SHA256
85668e50e43c6e8092232db81eb943a9e30f12eb540017a3283428949b164a45
-
SHA512
8bd878823f54e646eb479008c7eab835e77ef6bfb27a0f46932531a2ed6a4ccb1e9eb43e0b0623d7e61ab5496fbf3cb7feaca956fd0858af4f1ff579b4a98648
-
SSDEEP
12288:CMrDy90drbyARFB1zts6QHQI7/pCLh/mA12Aqo2GL0tSwGRY7:ByOjg7wq+eA12G2GL+SwL7
Malware Config
Targets
-
-
Target
85668e50e43c6e8092232db81eb943a9e30f12eb540017a3283428949b164a45
-
Size
712KB
-
MD5
2cf9032670f193d7ff08bfdcd8700485
-
SHA1
93d6d68d4e6fb8e0e30c6116bd23cff208274955
-
SHA256
85668e50e43c6e8092232db81eb943a9e30f12eb540017a3283428949b164a45
-
SHA512
8bd878823f54e646eb479008c7eab835e77ef6bfb27a0f46932531a2ed6a4ccb1e9eb43e0b0623d7e61ab5496fbf3cb7feaca956fd0858af4f1ff579b4a98648
-
SSDEEP
12288:CMrDy90drbyARFB1zts6QHQI7/pCLh/mA12Aqo2GL0tSwGRY7:ByOjg7wq+eA12G2GL+SwL7
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Windows security modification
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-