General

  • Target

    24fff70f83197065cfd011efcb18c471

  • Size

    3.3MB

  • Sample

    231231-c8vpzsaccr

  • MD5

    24fff70f83197065cfd011efcb18c471

  • SHA1

    aa7b959d9e71455c062c4d1c1d2069706c878e8a

  • SHA256

    8644b5a1ecf282da0e8ad4ff465e7026c26f6d3266f56e71b53e7ea776b03e7f

  • SHA512

    e39326653006966e3c5e274aa56d65cc3fc18ee6cd3f7e60083548f16b8ea9cea3809a925484d5615971f9c69f94e99b4c84176683446304c103a5ecc8a95109

  • SSDEEP

    98304:7RS6nfSOQZOt+CW+7EELhF3gxpNOf2k2Y/l:7kj8NBFwxpNOuk2w

Targets

    • Target

      24fff70f83197065cfd011efcb18c471

    • Stops running service(s)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
