General

  • Target

    927489cc9c682730fbb0b7ebc00f03806ca0f7d5de98629cabad69058e64a199

  • Size

    308KB

  • Sample

    230504-xecbrsgc6y

  • MD5

    56e23384e1002c6cee17fd94fc45dd15

  • SHA1

    c4c74b902c8d959490bdb3c838d58c4103fdf208

  • SHA256

    927489cc9c682730fbb0b7ebc00f03806ca0f7d5de98629cabad69058e64a199

  • SHA512

    80323ef87f7aaaea01e5e25edcfc3b9bd5231a4ebbf3b1c066cedab0aaa281db6138812827ceb8a8f85e06b3107500dcf907a21fb40134424cdf6978c46231c1

  • SSDEEP

    6144:Kgy+bnr+Bp0yN90QERlEY+zbPsE4JqR7wVvEXQwjxyoEifap:QMrFy90vb+zzet+ytifap

Targets

    • Target

      927489cc9c682730fbb0b7ebc00f03806ca0f7d5de98629cabad69058e64a199

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
