Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    38e8b63311c104a4c7004bcfc27979bcabeff2659b06677245d39e3f15ba2682

  • Size

    480KB

  • Sample

    230505-t9v6ksdd8x

  • MD5

    243f1e6cf95dc26607edbf69dbd68e13

  • SHA1

    480ab6d89aa78dabf97557673dc3ae40508a79a3

  • SHA256

    38e8b63311c104a4c7004bcfc27979bcabeff2659b06677245d39e3f15ba2682

  • SHA512

    3ed99688e413ebee7997d7325413fc3770822896ef3eabf2022d25853be8c3cd407fddab21b0ac26584efb4b89ec0d3af1503126f04449236851f215a75fb8d9

  • SSDEEP

    6144:KYy+bnr+Qp0yN90QE8v1sbYIIILu8BnSBAhuRmxlb2LPSKf7MfqrQ10V6OppRjY1:4Mrky9061s1hUAGBLPSKgwBRjY0Ai0

Malware Config

Targets

    • Target

      38e8b63311c104a4c7004bcfc27979bcabeff2659b06677245d39e3f15ba2682

    • Size

      480KB

    • MD5

      243f1e6cf95dc26607edbf69dbd68e13

    • SHA1

      480ab6d89aa78dabf97557673dc3ae40508a79a3

    • SHA256

      38e8b63311c104a4c7004bcfc27979bcabeff2659b06677245d39e3f15ba2682

    • SHA512

      3ed99688e413ebee7997d7325413fc3770822896ef3eabf2022d25853be8c3cd407fddab21b0ac26584efb4b89ec0d3af1503126f04449236851f215a75fb8d9

    • SSDEEP

      6144:KYy+bnr+Qp0yN90QE8v1sbYIIILu8BnSBAhuRmxlb2LPSKf7MfqrQ10V6OppRjY1:4Mrky9061s1hUAGBLPSKgwBRjY0Ai0

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks