General

  • Target

    ac015ea80a2d51922711029ac5f52a40af4163f548734754fe2cf399581decac

  • Size

    7.1MB

  • Sample

    231031-xfq7baee97

  • MD5

    f621e8f38dff3d36f286a3cda7096e52

  • SHA1

    08c695ebf684cfa0388852fa6017443952a41b24

  • SHA256

    ac015ea80a2d51922711029ac5f52a40af4163f548734754fe2cf399581decac

  • SHA512

    a7441b2213929b2dbccb709ab290cd3a271e9ce6c90f14574e3f07275081196c1b546c06573b7d53fa7dcd26f00d552ce3029619cb538b34b8df52d32e5f81eb

  • SSDEEP

    196608:91OyqPSSBSG+2UjbsVzWIwONGVulZNqQiQn0miMsr+bI6:3OcSs92zFwr4lZNvLFI+c6

Targets

    • Blocklisted process makes network request

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Drops desktop.ini file(s)

    • Drops file in System32 directory
