General

  • Target

    file.exe

  • Size

    311KB

  • Sample

    240203-tvs3nsddf4

  • MD5

    47a9ad9888724da4a3dd11a15c4401be

  • SHA1

    7755fb0e3cc2338eb50c38ebad16d61f7ee03897

  • SHA256

    09a3c4f70de5f39ce1ab64579619d4efd70dbf59fd15f04fa58fc8072c1dcbcc

  • SHA512

    5c57f395d1b604053aa2a84fcc4756db23fbf2396f208b985d8000a7c05319fd594f034808b1b897cb179bce34b9cd617a0abaff3b07ac0916b6304dca270a70

  • SSDEEP

    6144:9G6rMlhjyjWLE08ufGWfJiAdjmFFcqlDtAwiPdfsw:Lwh2jWLB8xud25lKwiPdfsw

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
