General

  • Target

    4f7ab463877c56b037f15ed7c8b4acf83db61d4714d57a550c8d5c2169dc8124

  • Size

    7.2MB

  • Sample

    231120-xpp1lshh52

  • MD5

    2b6e779f8f00dda317c97309a1a04324

  • SHA1

    b0c42518fe1574b9a31e7d6146b0a3864cac3895

  • SHA256

    4f7ab463877c56b037f15ed7c8b4acf83db61d4714d57a550c8d5c2169dc8124

  • SHA512

    f1fccf552453cc84832166f52af0d4a1e93bfd642bdeb340443fdc767652bc9e83c44ccf3f46e29c5c1c06b61dcf9d11cd88673716956a4a8459d1d413c0e57d

  • SSDEEP

    196608:91OwADaK7p4a9kl8WrK4mP622yq9Gj178GXUQnxc7Yf3Eu:3OwAGyp4Fl04Q2ykGZ6Q67Nu

Targets

    • Target

      4f7ab463877c56b037f15ed7c8b4acf83db61d4714d57a550c8d5c2169dc8124

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Drops desktop.ini file(s)

    • Drops file in System32 directory
