General

  • Target

    1631fd1307d62dffa2fc5c238f5630c8

  • Size

    250KB

  • Sample

    231225-l69wkacdgq

  • MD5

    1631fd1307d62dffa2fc5c238f5630c8

  • SHA1

    47566b36258b6ad7e08b5c8cfb7cd9eeb4b063e1

  • SHA256

    7ec3a4a7872f40773186d53eeba2352c498ee3178104359638abb3a4c7578800

  • SHA512

    e6f2341d2fd34ace68bc64a91c7b96bd8cf482bd1f4faee2904a90ed70927d3eb8d286b70b52fd99bf19ce71613fd56102df94338d57f9af247e501556713489

  • SSDEEP

    6144:wciEde2K/IyHwihFp7non6Y/PUaKwtapzVmS5nJfcQ/4hz9Vm6Reqhj7D:bF/K/IyHpb4m3UQWz9Vvn

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution to or away from particular regions.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile contents.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.

    • Suspicious use of SetThreadContext
