General

  • Target

    b46893cd6c4e9ad589051f4f677f25fc

  • Size

    2.2MB

  • Sample

    240305-lw48bsch43

  • MD5

    b46893cd6c4e9ad589051f4f677f25fc

  • SHA1

    a6fe46fbd930e02e3b3028aa11c17d98a0bd2510

  • SHA256

    36d03550d4e37c973f1b752dcfc04fa19bd28ac0bb471a3d43befdd758ec9886

  • SHA512

    4e60a9661e28598fc6f994cedfd53c65e3a75383583279c38b5deb79f6d50240fee11316ece1ed621f48c16164589fbc9b92432c5c5d2b102014e2b7c62a0d12

  • SSDEEP

    49152:i/NKDdljS0g7mM+M6RkMkIM7I067hn1d3So72nMbzD:cNCM+M6RkMkIM7Qnh7DD

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
