Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    b23844b596156df12a40ff83f99a3f87

  • Size

    1.8MB

  • Sample

    240304-qj8r7sbb5t

  • MD5

    b23844b596156df12a40ff83f99a3f87

  • SHA1

    2a94a2b010d0846d7254ce025c96344e1e528e77

  • SHA256

    a94ccc1ae00db3e21513594a20c028ebea78b28908306a1ee1ea1b0daae0617b

  • SHA512

    ea3fa1dc14ce3acf9d4bafe86b73feb0e4eed0bfed1c7ea7cf0e305c71d896564899d7cd635d7f230c8c880962719ae4f69999798d3a7a01ce0921fd12c980f1

  • SSDEEP

    49152:Mu5HOTxu5HOTwu5HOTUGqnstLet3Ly/XTJn:fHvHcHBGqnstLEK

Malware Config

Targets

    • Target

      b23844b596156df12a40ff83f99a3f87

    • Size

      1.8MB

    • MD5

      b23844b596156df12a40ff83f99a3f87

    • SHA1

      2a94a2b010d0846d7254ce025c96344e1e528e77

    • SHA256

      a94ccc1ae00db3e21513594a20c028ebea78b28908306a1ee1ea1b0daae0617b

    • SHA512

      ea3fa1dc14ce3acf9d4bafe86b73feb0e4eed0bfed1c7ea7cf0e305c71d896564899d7cd635d7f230c8c880962719ae4f69999798d3a7a01ce0921fd12c980f1

    • SSDEEP

      49152:Mu5HOTxu5HOTwu5HOTUGqnstLet3Ly/XTJn:fHvHcHBGqnstLEK

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks