
General

  • Target

    07a35f248a01747dfd03070bd6eced76

  • Size

    115KB

  • Sample

    231229-3xdv7seac9

  • MD5

    07a35f248a01747dfd03070bd6eced76

  • SHA1

    0e73ff1adf932d8ad312589d0b289f493b410115

  • SHA256

    20f62f530b38f073958200ba31f3b2f54efe2862e322de633581cc95b48b88ff

  • SHA512

    af9300e02ad9b41da9fa453cb8fd185aaf71cce921d6267d475b79b04fa44b99867807c33e98e7d615dd6db04a29275534f3b5bab03daaf1fbfb805dbaf35bc0

  • SSDEEP

    3072:SKcWmjRrz3ZKcWmjRrz3UNCf+yTXhl/FCMAzgcGu:hGyGWu+yTwMA0cGu

Malware Config

Targets

    • Target

      07a35f248a01747dfd03070bd6eced76

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open source UPX packer.

    • Adds Run key to start application

      Persistence via a value written under HKLM or HKCU ...\CurrentVersion\Run, which makes the application start at logon.
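The following is an added example, not code from Triage or from the report above, that shows how an analyst would check a local file against this report and reproduce two of the signatures offline: it recomputes the listed digests, walks the PE section table to flag the UPX0/UPX1 section names stock UPX leaves behind (a modified UPX can rename them, so a negative result proves nothing), and matches registry event lines against the Run/RunOnce paths the "Adds Run key" signature covers. The PE image and the Sysmon-style event lines it consumes are constructed inline for the demonstration; only the digests are taken from the page.

```python
import hashlib
import re
import struct

# Digests copied from the General section of the report above.
REPORT_HASHES = {
    "md5": "07a35f248a01747dfd03070bd6eced76",
    "sha1": "0e73ff1adf932d8ad312589d0b289f493b410115",
    "sha256": "20f62f530b38f073958200ba31f3b2f54efe2862e322de633581cc95b48b88ff",
    "sha512": "af9300e02ad9b41da9fa453cb8fd185aaf71cce921d6267d475b79b04fa44b99"
              "867807c33e98e7d615dd6db04a29275534f3b5bab03daaf1fbfb805dbaf35bc0",
}


def compute_hashes(data: bytes) -> dict:
    """MD5/SHA1/SHA256/SHA512 hex digests of the given bytes, keyed by algorithm name."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def hash_mismatches(data: bytes, report: dict) -> list:
    """Algorithms whose report digest the data does NOT match; empty means same sample."""
    got = compute_hashes(data)
    return [alg for alg, expected in report.items() if got[alg] != expected.lower()]


def pe_section_names(data: bytes) -> list:
    """DOS header -> PE signature -> COFF header -> section table; return the section names."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file (missing MZ header)")
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    nsections, = struct.unpack_from("<H", data, e_lfanew + 6)   # COFF NumberOfSections
    opt_size, = struct.unpack_from("<H", data, e_lfanew + 20)   # COFF SizeOfOptionalHeader
    table = e_lfanew + 24 + opt_size                            # section table follows the optional header
    names = []
    for i in range(nsections):
        raw = data[table + i * 40: table + i * 40 + 8]          # IMAGE_SECTION_HEADER.Name, 8 bytes
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.split(b"\0", 1)[0].decode("ascii", "replace"))
    return names


UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}


def looks_upx_packed(data: bytes) -> bool:
    """True if any section carries a stock UPX name. Heuristic only: a modified UPX
    may rename sections, so False does not mean the file is unpacked."""
    return any(name in UPX_SECTION_NAMES for name in pe_section_names(data))


# Run and RunOnce under ...\CurrentVersion, but not RunMRU or RunServices.
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\(Run|RunOnce)(\\|$)", re.IGNORECASE)


def is_run_key_write(target_object: str) -> bool:
    """True for registry paths under HKLM/HKCU/HKU ...\\CurrentVersion\\Run or RunOnce."""
    return (target_object.upper().startswith(("HKLM\\", "HKCU\\", "HKU\\"))
            and bool(RUN_KEY_RE.search(target_object)))


# Constructed Sysmon-style EventID 13 (registry value set) lines; not from the report.
SAMPLE_EVENTS = [
    r"EventID=13 Image=C:\Users\user\AppData\Local\Temp\update.exe "
    r"TargetObject=HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\Updater "
    r"Details=C:\Users\user\AppData\Roaming\svc.exe",
    r"EventID=13 Image=C:\Windows\explorer.exe "
    r"TargetObject=HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\a "
    r"Details=notepad",
]


def run_key_writers(events) -> list:
    """Image paths of processes that wrote a Run/RunOnce value, in event order."""
    hits = []
    for line in events:
        target = re.search(r"TargetObject=(\S+)", line)
        if target and is_run_key_write(target.group(1)):
            hits.append(re.search(r"Image=(\S+)", line).group(1))
    return hits


def build_test_pe(section_names) -> bytes:
    """Constructed minimal PE32 image for exercising the parser; not a runnable executable."""
    opt_size = 0xE0                                   # PE32 optional header size
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)           # e_lfanew: PE header right after the DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)             # PE32 magic
    table = b"".join(n.encode().ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


if __name__ == "__main__":
    print("UPX-style sections:", looks_upx_packed(build_test_pe(["UPX0", "UPX1", ".rsrc"])))
    print("Run key writers:", run_key_writers(SAMPLE_EVENTS))
```

To check a real download against the report, read the file as bytes and call `hash_mismatches(data, REPORT_HASHES)`; an empty list means every digest on the page matches, which is the only reliable way to confirm you hold the same 115KB sample before trusting any of the behavioural findings for it.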

MITRE ATT&CK Enterprise v15

Tasks