General

  • Target

    5af3c63944fb3e86c3006d9671195c0f1f84bf06b91bf5f5c57f3b87857e6a79

  • Size

    479KB

  • Sample

    230506-g757jsgc59

  • MD5

    6938355a3d0af022e7ea584d8144fd82

  • SHA1

    3132d087e29a7aac2170e3a87689a2bc7d0a1176

  • SHA256

    5af3c63944fb3e86c3006d9671195c0f1f84bf06b91bf5f5c57f3b87857e6a79

  • SHA512

    f942c01a2932447ad778185a02a011b0cd397992fcba0d61bb1447d733e255bd71d5721e96029deb72cfcb89f119562c6083b09c4b9b5bd60c362821cb564b69

  • SSDEEP

    12288:VMrJy90HIxe8J9Mq/iHFK9G03CtKGbySD7BIJz:YyGIxF/GQ8Klg7BIt

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
