General

  • Target

    7f2330def39913a8dfa6252f81637197

  • Size

    249KB

  • Sample

    240129-ha37cscag2

  • MD5

    7f2330def39913a8dfa6252f81637197

  • SHA1

    5f4e7714e7a278ad5279a62f1b352e80252c934d

  • SHA256

    9de7bad6c008475fc6b83764c55296f7e45a32342c445c46ce3e384737ad30fe

  • SHA512

    e26e44875fcb4d963b44352abacb537cd2df9a3feeffe03521b0e6858287d98e8c1c48f377bf5ed314e062c6b7a89f3c5b5932e41f57601dbae8e69988b1cb47

  • SSDEEP

    6144:IM0Ky/jFZofhxOeqKlusmJTZVDcgR2Ge0Uxe955WMenawoS:IM0KybFZShMeqqufpXDJQGexGjHwoS

Targets

    • Target

      7f2330def39913a8dfa6252f81637197

    • Size

      249KB

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
