General

  • Target

    4a0c3570a27479f73c1187abb9c550e7ef8d85d1eb657c9066674e1f19994e3b

  • Size

    1.2MB

  • Sample

    240105-njpcfsaeam

  • MD5

    197916eb2f2f628e133ffb10e5042313

  • SHA1

    e6f4c137822480bcbbde31a4357669ea66449ec9

  • SHA256

    4a0c3570a27479f73c1187abb9c550e7ef8d85d1eb657c9066674e1f19994e3b

  • SHA512

    678e8f896f99be91a7c4fb709214b03c4565617011183d183add5d01a390b2a58c1290d1866b4e57b1bbe6ae027c12b86cf5c3113f063887aa28e760655c8a6d

  • SSDEEP

    24576:wak/7Nk4RZzg84YKZu0zoFmDcpii9iGn+lcnMTFHtOUsCz8oDqE:wak/+84dZu+k0WdEGnAHtlsCIo+E

Targets

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
