General

  • Target

    MRT.exe

  • Size

    182.3MB

  • Sample

    240220-bwktkshc78

  • MD5

    acfdc6a3a039cfb1462c3b81cbe6a2a5

  • SHA1

    5bad1bc03464264685c85f1837dbf5a94f2de967

  • SHA256

    25dda001be45839c985f0db2a1b60a3399aa2ad4079c15fa429ebd08f9e0a7bd

  • SHA512

    62cc138abac9b611348c380d379bbbf37bb8c2b8dd0ca12537d05668fbb24fce046793918203180a153aba4af336db4569f85b222d9e71d6bc275b0506e4e5ca

  • SSDEEP

    3145728:ExZI1yI6xMfOpPRmbkoeuPBxTBNkDHhI3OQL2PZ8tG63ZBSLtwgfYyE2/6/w/95A:YZI1WpJmreSBbYwRsJon

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
