General

  • Target

    0c77500a376402cfad864c1454b8df2a

  • Size

    170KB

  • Sample

    231230-dlewpahagq

  • MD5

    0c77500a376402cfad864c1454b8df2a

  • SHA1

    4faf5cdade7e6011174b17ea8f6f141f9e071030

  • SHA256

    e99c6b040873bcd813f2a71d04a7e71f2888b8793f630575b50ceb59b9d9750a

  • SHA512

    b2c80afa32b45db1a70453de2a693aa50dd9a104ac857b8c1a6ddaec4875865480cdaa550b8cc35e12ef96e37d1b5cf854641b7854d716545aa36f7f5e11bad2

  • SSDEEP

    3072:+5ERKdsNSE8jWf+FnGevgjFA+WzmLpJhJ4RpS:+wB8qonGeoFA0lyp

Targets

    • Target

      0c77500a376402cfad864c1454b8df2a

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks whether UAC is enabled

    • Drops file in System32 directory
