General

  • Target

    9df91d178edc036ab2f3945f0f991ea5e6acd39694a107233c2fac58a97b0b20

  • Size

    479KB

  • Sample

    230505-3cgrcsfa88

  • MD5

    59243fac34581a5f5cdf827720812d85

  • SHA1

    72a18ce731cb371bb9642c6512b9b5c70777306c

  • SHA256

    9df91d178edc036ab2f3945f0f991ea5e6acd39694a107233c2fac58a97b0b20

  • SHA512

    e4e662f153c382236d1ce0d774c7b3db39249188ace2a3ea0ed24ac356f6da63752682d56bc716956cbeb8e3f99e30dcc8408bb50f9e01f608455b1b5fb3fc9c

  • SSDEEP

    12288:VMr6y90QGWz0bl5c1u31wTeRNkL8Qb3cUyyl/nI:TypHzCXyTuGjMUyyl/nI

Targets

    • Target

      9df91d178edc036ab2f3945f0f991ea5e6acd39694a107233c2fac58a97b0b20

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
