General

  • Target

    6da36817a938a7c9cd3fc921c54270ada1d6e5a742dc759d089d2be7ad82ad33

  • Size

    4.2MB

  • Sample

    230920-nhlj6shh94

  • MD5

    bbc7ebaca03d2240677b641896e28b09

  • SHA1

    d2559a69d0e34fb8f01c1db65ddbdd494f7da2f3

  • SHA256

    6da36817a938a7c9cd3fc921c54270ada1d6e5a742dc759d089d2be7ad82ad33

  • SHA512

    779576891aaad1808560434880334c0b1d87b67fa580bab17d78f9b4c3755f6ee53f3375641edebcd0b8e514bcc130a35dd6955601fceef1ad2cc4b8eccdf995

  • SSDEEP

    49152:208OhxtUg9OUi82w6aQp9dgS1GUL38XhCOYc3iJXb9emEPGKOPkQThMYRZnm7LBF:208vdsGaQNgS1r6eTnuFzqG7wRGpj3

Targets

    • Target

      6da36817a938a7c9cd3fc921c54270ada1d6e5a742dc759d089d2be7ad82ad33

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, such as saved credentials.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Drops file in System32 directory
