Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    0118ea17cbe6a0f2bd0985f811a3b6ac

  • Size

    7.0MB

  • Sample

    231229-xngylseghl

  • MD5

    0118ea17cbe6a0f2bd0985f811a3b6ac

  • SHA1

    a7644101cf8fec8fafab49f6fe71f12b6ab9a1e1

  • SHA256

    1632ecd4987e685397424bd3f6a44dd31c75c5b12f9a3b77573d216f53761d69

  • SHA512

    5a33ebc21be432eee5db0156e13dfd3beab6e24a8b6f51cb8e4f2300c1ddfe7597aed5b8dd4b2af7c7edecf51b951eff065b3f528ea84914127b2431dead14d7

  • SSDEEP

    49152:0qN+V8tgJdf7rOO53RTqtiGydB3I3pP9zWmTW:1+Cgl7rOO53mWC3pP8

Malware Config

Targets

    • Target

      0118ea17cbe6a0f2bd0985f811a3b6ac

    • Size

      7.0MB

    • MD5

      0118ea17cbe6a0f2bd0985f811a3b6ac

    • SHA1

      a7644101cf8fec8fafab49f6fe71f12b6ab9a1e1

    • SHA256

      1632ecd4987e685397424bd3f6a44dd31c75c5b12f9a3b77573d216f53761d69

    • SHA512

      5a33ebc21be432eee5db0156e13dfd3beab6e24a8b6f51cb8e4f2300c1ddfe7597aed5b8dd4b2af7c7edecf51b951eff065b3f528ea84914127b2431dead14d7

    • SSDEEP

      49152:0qN+V8tgJdf7rOO53RTqtiGydB3I3pP9zWmTW:1+Cgl7rOO53mWC3pP8

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks