General

  • Target

    0832fd308c0ff181cd3af6e627a199eb

  • Size

    218KB

  • Sample

    231219-ml19cschcm

  • MD5

    0832fd308c0ff181cd3af6e627a199eb

  • SHA1

    bcda79eeee370e686c88693c30b987e0ddb73b71

  • SHA256

    da2a9f7c31f076433cf46e01b8d1b313d94fd87c95309be59842df05af25355f

  • SHA512

    3cd0bd5f3f33936690e704f7f8a55efb1fb6b896b9a6c3c4d1138c4e53a54257b55efe3c81870c62f6a7197af8cbd8c99787bd53026ef4b2721b43f4f26c5878

  • SSDEEP

    3072:B7puEEMo2qTY9VfBhu3oVocpsZBd4Tqqkn3sLBO6ZSETrhgbXX9llGZ2:ppMMVVbsmS6IA8X9Ss

Targets

    • Target

      0832fd308c0ff181cd3af6e627a199eb

    • Contacts a large number (1005) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops file in System32 directory
