General

  • Target

    63a2fa37393b054082a377b69657728756be5dbcca6c271eb80779a2bea1fb44

  • Size

    234KB

  • Sample

    231030-zlwp4ahb32

  • MD5

    fdb2e9bda9e3a6b19c2b7246b8b6eb57

  • SHA1

    5ea7dbc2d8f81e4bd37d1d837db716fee760cb89

  • SHA256

    63a2fa37393b054082a377b69657728756be5dbcca6c271eb80779a2bea1fb44

  • SHA512

    59a0a53bd12cab5828260916e30cc1b8fb6388c0c7e2342d26d2c0a5e1d8317db8ee1c3827d959f7003018f4f5b0a14101239625e0177bb7279dfa0e03dfd0d7

  • SSDEEP

    3072:JAXgoCiquFrfXgGqrhZ3xhZIAOcNhL4rsrXIDw0L5deNMh:aTTquFDXgPrhzhGpah8rQXIJ

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check that decides whether the sample runs in this region.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
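The signatures above are the sandbox's summary; the events behind them are what a responder would look for in their own telemetry. The following Python is an added example, not tria.ge's code or the sample's: it maps Procmon-style registry and file events onto four of the signatures listed above using the well-known Windows locations for each artefact (the Geo\Nation and LocaleName values under HKCU\Control Panel\International, the CurrentVersion\Uninstall key, Chrome and Firefox profile databases, and common wallet files). The log lines are constructed for the example, and the process name sample.exe is a placeholder.

```python
"""Map Procmon-style registry/file events to sandbox signatures.

Added example, not tria.ge code and not derived from the sample above.
Paths are the standard Windows locations of each artefact; the CSV rows
below are constructed to resemble Procmon's default export layout.
"""
import csv
import io
import re
from collections import defaultdict

# (signature name, Procmon operations that count, path pattern).
# The pattern is searched case-insensitively in Procmon's "Path" column.
RULES = [
    ("Checks computer location settings",
     {"RegOpenKey", "RegQueryValue"},
     re.compile(r"\\Control Panel\\International\\(Geo\\Nation|LocaleName|Locale)$", re.I)),
    ("Checks installed software on the system",
     {"RegOpenKey", "RegEnumKey", "RegQueryValue"},
     re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.I)),
    ("Reads user/profile data of web browsers",
     {"CreateFile", "ReadFile"},
     re.compile(r"(\\Google\\Chrome\\User Data\\.*\\(Login Data|Web Data|Cookies)|"
                r"\\Mozilla\\Firefox\\Profiles\\.*\\(logins\.json|key4\.db|cookies\.sqlite))$", re.I)),
    ("Accesses cryptocurrency files/wallets",
     {"CreateFile", "ReadFile"},
     re.compile(r"(\\Bitcoin\\wallet\.dat|\\Exodus\\exodus\.wallet|\\Electrum\\wallets)(\\|$)", re.I)),
]

# Constructed Procmon export (not from the run above). Note the wallet open
# fails with NAME NOT FOUND: the sandbox VM has no wallet, but the attempt is
# still the indicator, so Result is deliberately ignored by the rules.
SAMPLE_LOG = """\
Time of Day,Process Name,PID,Operation,Path,Result,Detail
10:00:01.001,sample.exe,4120,RegQueryValue,HKCU\\Control Panel\\International\\Geo\\Nation,SUCCESS,Type: REG_SZ
10:00:01.002,sample.exe,4120,RegOpenKey,HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall,SUCCESS,Desired Access: Read
10:00:01.003,sample.exe,4120,RegEnumKey,HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall,SUCCESS,Index: 0
10:00:01.004,sample.exe,4120,RegQueryValue,HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip\\DisplayName,SUCCESS,Type: REG_SZ
10:00:01.005,sample.exe,4120,CreateFile,C:\\Users\\admin\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data,SUCCESS,Desired Access: Generic Read
10:00:01.006,sample.exe,4120,CreateFile,C:\\Users\\admin\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\x1y2z3.default-release\\logins.json,SUCCESS,Desired Access: Generic Read
10:00:01.007,sample.exe,4120,CreateFile,C:\\Users\\admin\\AppData\\Roaming\\Bitcoin\\wallet.dat,NAME NOT FOUND,Desired Access: Generic Read
10:00:01.008,explorer.exe,1234,RegQueryValue,HKCU\\Control Panel\\Desktop\\Wallpaper,SUCCESS,Type: REG_SZ
"""


def classify(operation, path):
    """Return the signature names a single event matches (empty if none)."""
    return [name for name, ops, pattern in RULES
            if operation in ops and pattern.search(path)]


def triage_events(procmon_csv):
    """Group matching Procmon CSV rows by signature; unmatched rows are dropped.

    Returns {signature: [(process, operation, path), ...]}.
    """
    hits = defaultdict(list)
    for row in csv.DictReader(io.StringIO(procmon_csv)):
        for name in classify(row["Operation"], row["Path"]):
            hits[name].append((row["Process Name"], row["Operation"], row["Path"]))
    return dict(hits)


if __name__ == "__main__":
    for signature, events in triage_events(SAMPLE_LOG).items():
        print(f"{signature}: {len(events)} event(s)")
        for process, operation, path in events:
            print(f"    {process} {operation} {path}")
```

Two points a practitioner would want from this: the rules key on the path and operation only, so a failed open of wallet.dat still fires (the attempt is the indicator, not its success), and a Geo\Nation or LocaleName read by itself is weak evidence. To confirm the "likely geofence" reading of that signature, re-run the sample with a different configured country and see whether the later stages (the PE download, the browser and wallet reads) still occur.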
