General

  • Target

    tmp

  • Size

    252KB

  • Sample

    230508-pgyc1scc8t

  • MD5

    743a03da4bca80da5f49be2b77050225

  • SHA1

    49ccd55c30cb4e31be4d4bf48bac3bdcba1acec1

  • SHA256

    7517367b3b61170bb7637de6f89077069159c4a04f430c28102e2d7cf5a0343a

  • SHA512

    98e425afc2237966b5a74439879afd0dbcc5293f9eef6a4e8480db35dccba3626e0fcca855feb5beeeb1b5a1d35e4e13ca86cc0150aff6d310e6a5f09d1302be

  • SSDEEP

    6144:PYa6r0uQT1S084gHhrbDPvT5wTMHxrjSL9q/Vk+shAeBGWr:PYRz0fgHhnDvHxPSJn+sSeBGK

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks