General

  • Target

    2226a35aed8bc34d629b343d58f99133a701844915db6207bcdc619c96717037

  • Size

    9.7MB

  • Sample

    231015-sd6rrsgd6v

  • MD5

    90d2c38fde11fa988dc26f061863ccdc

  • SHA1

    76f274252e0639777dd7651fadfad7f6ebe8d849

  • SHA256

    2226a35aed8bc34d629b343d58f99133a701844915db6207bcdc619c96717037

  • SHA512

    82d0cfe00ce52f9440661efa7fae314da64ef8e9cce7f25e139960fa9236d5d5ae4dbb66cfd14a130079da11b24efecd4481dab1b1bc6dc285b380bfc6dd33af

  • SSDEEP

    196608:SnPDOLdJ6rWkCsAFuq729SG3AXcNtOD6n+PDQw:SPKRksuq723QXcTOgar

Targets

    • Target

      Crack_License_Key_Full.exe

    • Size

      734.9MB

    • MD5

      2a363a8b0813b483306caea96f498622

    • SHA1

      42a2165360ec44cb24a7e7b44925e31e1e53f118

    • SHA256

      f2e0109ae08de943890df32d768ec59ae0bc8ac7953ae87d61567b5ff2edce86

    • SHA512

      52c2244824773e34816a941a069c81e49f7c217ff6d9f3af4e13a6a4222ab803aa02f3b1857e0696e288dce0f9c644dc9c745c20267d3e25efbd3e179a59b760

    • SSDEEP

      98304:PbMJjxZQmPmceIv5pwv9R5f8wvj20cDOyu6suEeSlLER3kGv4XJy7WW8OWy3HvJp:+YIv5m/5fSxsuE6RqAdvz6DndfAvt

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
