General

  • Target

    Use_2024_To_Open.rar

  • Size

    19.6MB

  • Sample

    240118-xp2peagbe3

  • MD5

    7b087f7a5877ae2922788b30bfad784a

  • SHA1

    1d676f2f09cdfcc7b3f221aef825d9802cb6ea88

  • SHA256

    ad350f171f6f6ab01bb5cadf5586e0ccc05444f27896efc21d39afaf10516aeb

  • SHA512

    6501cd29ec5f4f58bd68e675a303c4655183397bf73a6c0146a227e591895f400b04e71eb5345e73da3e170bfc00e7af39cffacbd1e3ae86454f698f55941f96

  • SSDEEP

    393216:Lj4CK/XrCInw+Fwrq9BBCnNKzI+Ik1tM7yiaIV4nVWR93OjmlVsgrM/5Vuvg:H4R/7CQjsOy0su1OEV+OjiVsvV6g

Targets

    • Target

      setup_win64_86.exe

    • Size

      702.4MB

    • MD5

      deaaff59e0eb4e8865f5da9556f857ca

    • SHA1

      0bf64293ac739d68986cd606295f6ff13fb0e55f

    • SHA256

      f40c4729c00b960427670c209d7a22da48f26a135f64718a399dd4b34048b93b

    • SHA512

      9b379c6bf1ee3e9f742edc5c394910a452adbbfe9f889a51129aee67f6e5de2061d09bec377561ec7961ea73913767348d3790e906e6f5b0a24b8c63441ec8ed

    • SSDEEP

      196608:4S5rfUza9s4bZ8zm4v+/OFCCbdC1Zutbxf:4S579s4bazpmmFzC1otb

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
