General

  • Target

    a1ab25b6f5076c05976eada7db7831cd

  • Size

    31KB

  • Sample

    240224-ms1w6she39

  • MD5

    a1ab25b6f5076c05976eada7db7831cd

  • SHA1

    57f7c5a77d3ea8eaada50771476ea519c6ecae03

  • SHA256

    7f3e0337252841c3949593723ac0ded0a8aae429560e8ceeb422c7b0a6e7f36a

  • SHA512

    3c801017981efe92940060a99e5f4c2696ba7ea47c917ece7fd44adc2bc9bfd6c8ae60ae521b200ca61481d031cb14c9c6cbda37b38218f34afc151483ad73f2

  • SSDEEP

    768:kPEv8mAZFR4f0UygfybjQ4TIh4uOlb6/mdQl:RToWMUygfkj4h4uOlmiQl

Targets

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, such as saved credentials.

    • Accesses Microsoft Outlook profiles

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext
