General

  • Target

    f813f3f17cc6a471e19bd341f08392a4.exe

  • Size

    465KB

  • Sample

    230716-t6321sge9v

  • MD5

    f813f3f17cc6a471e19bd341f08392a4

  • SHA1

    64478e1a47287924bb970ab9d54cf394202806e8

  • SHA256

    c1420965fdb80d2925b8ba25a0ac20bb49ee08bc8bbc1537d3e23069649cb941

  • SHA512

    dfe198a8f811ba6fe2c0db1818ce3757bd852872947727a5c4bebf6c0e78f2b1c2a1e1d2593fd801c9668b72bb7612bda68013ae95843f282c1a4d3be106d692

  • SSDEEP

    6144:uLuv+rzoFOgKVHMQExcYAp0NFWUSShtepNYKB4yYuD5ht5RInaOdLuPFGtT:uavJOhWSYAuNFp6PYuDp5RIaBFO

Malware Config

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks