General

  • Target

    c04fddfaab6b879a25b036980a34908e

  • Size

    138KB

  • Sample

    240311-l269wafg69

  • MD5

    c04fddfaab6b879a25b036980a34908e

  • SHA1

    b6692c046c120a1aa3c058ba2bdbf92a82dae451

  • SHA256

    d7a7148cdc505caccc77e11d444a278a47b6b10c9378bcf2a78d937bd2d42b25

  • SHA512

    f1b64b24f50d0370aa04cde3494d14623aba72329b13e1d28d3138b518fdf753c82f091a704b362f4242c488e849d21d62ed7271c66f6169975a1188937a1b96

  • SSDEEP

    3072:/caqyte6QMV77snHLLxtYOxyaXOqdPNbnhW4IxZx5kCZuubFrhU1wKKrONm2:/caBtz77snHRqY7PNNW4IxZ7zbC0rONX

Targets

    • Target

      c04fddfaab6b879a25b036980a34908e

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
