General

  • Target

    ef7c01d34d8e01228e415dba82f65dd229cf0f599ecedf03e1b415a4a727a307

  • Size

    1.6MB

  • Sample

    240307-a93qwace34

  • MD5

    3bd55a7608f85dbd9c5c264492a1c004

  • SHA1

    5f4ad6bf16310c32bb5fd53b3e5ff77ce95e90a8

  • SHA256

    ef7c01d34d8e01228e415dba82f65dd229cf0f599ecedf03e1b415a4a727a307

  • SHA512

    f674b8eaab9f574af793cd1862cd88928aab752e5cd1de80988ef5f5126c9db2383ef3fdb80de9daf2afff766ec9c9d30c88b8e13d3f1884d865e461a60029ed

  • SSDEEP

    49152:5MkC/csR7ahLFZbMzm58hGlwcP6K/kkKCQFi6HCmNm:qF/cweFFZozW8sjCnk+Fcom

Targets

    • Target

      ef7c01d34d8e01228e415dba82f65dd229cf0f599ecedf03e1b415a4a727a307

    • Detects executables containing possible sandbox analysis VM usernames

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
