General

  • Target

    a338681d4b6b150332e27743c2b80b9826d214ddcb096178aa53f14c229f558c

  • Size

    308KB

  • Sample

    230504-xg9p2sgc9y

  • MD5

    b1558cd55f5724c03021b61f74598690

  • SHA1

    7b1dfbad95dd0875ff7c0453d4080678429613d1

  • SHA256

    a338681d4b6b150332e27743c2b80b9826d214ddcb096178aa53f14c229f558c

  • SHA512

    3fc6f0f287305acf0e23c22fd16f47bac296cf1f12a7c35a21f6a1696fd88abb998da6f6df85e61747391047555737d7c87c6101055302ce33e4ce61d39f8532

  • SSDEEP

    6144:Kly+bnr+3p0yN90QEMlEY+zbPso4JfzrovwXaJtkLf0:LMr/y90Kb+z7ef9XaJtkg

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks