General

  • Target

    7ed6669275b4f7ef72fcb5ca59eafff4

  • Size

    576KB

  • Sample

    240129-emzg6ahee3

  • MD5

    7ed6669275b4f7ef72fcb5ca59eafff4

  • SHA1

    bc281b10918e351939cabf0b9ad94714391efa1e

  • SHA256

    3d67d225b2cb66e45dab3b88eefc316d6b5da7648f3a4e13939058d64943daf0

  • SHA512

    3c62d5e90e004db2e46208f78fdd770ff18795fe7332af1ce0d684263b3ad7fd90108bf301e6d278cfc7adc470a7fa1b225dd56ab0fd752216f68eb909330aba

  • SSDEEP

    12288:CVEeMMiPTI538Faif9HLR5O6IyfruKv91zNCe88wYUxB+x2Y:COkaC3ViFrnO6Iyf7vQYj2Y

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Adds Run key to start application

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks