General

  • Target

    4c267bfd760e90a203a744138d59ce5c

  • Size

    3.4MB

  • Sample

    240108-w4jayafbcr

  • MD5

    4c267bfd760e90a203a744138d59ce5c

  • SHA1

    5d585e86b727b9d94e8458a298880f1f79815e3a

  • SHA256

    1da32f2f8d0930fa4817a88b963c853345241501dc27ee1c4ff97778eccef8fb

  • SHA512

    49d0f977d441ceca95366a33288b56baf41daf571b635d0908eb4a3a759a2bd91964eb2038bc0fe24708f4e7881d2cce19225f90c1a8a75db61f2f643d827172

  • SSDEEP

    98304:HRS6nfSOQZOt+CW+7EELhF3gxpNOf2k2Y/4aEuC0:Hkj8NBFwxpNOuk2faEuC0

Targets

    • Target

      4c267bfd760e90a203a744138d59ce5c

    • Stops running service(s)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
