General

  • Target

    acaef7a4ed87dc90ff181955ea7a2bbf

  • Size

    1.4MB

  • Sample

    240228-yb9njacb93

  • MD5

    acaef7a4ed87dc90ff181955ea7a2bbf

  • SHA1

    e0292a9243be088f673b151ddb9d81d34ed50c1e

  • SHA256

    555279cf7c7064b32bd5595f490702dba5c5aec6a0b58db22410880ad42b7106

  • SHA512

    b1383930888c5effe283617964cfad0753619863e3a9865c174a3dcaabf8e224fdf1ab6d69d7c3d41b2ebfc9d4fa8e2d8c15f10b68cd13a2bff3e0a4e7721536

  • SSDEEP

    24576:slbRUyb2oyZ1rdHgCu4oK1I+zZMZaPKLQXuXujAnO6eWe0LjlEQfARoac:UUybE3RHgCud+I++p8XuXJq8l9Fac

Malware Config

Targets

    • Detect Lumma Stealer payload V4

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Modifies security service

    • Executes dropped EXE

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Loads dropped DLL

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks