General

  • Target

    decdb0792dc19680eb2ae0b6c5a57f36

  • Size

    571KB

  • Sample

    240326-k6ql9ahg9w

  • MD5

    decdb0792dc19680eb2ae0b6c5a57f36

  • SHA1

    6a39fe6622fbc6647e8199038a42348b782db0ea

  • SHA256

    b70101421d4e552f3641bea7257496edae2e5b27eed082fbdd37ab0747f2ecc6

  • SHA512

    ac798e93eb002b4c9d7630aa3c63a7e30525e1e089e4e81d820d0b255375c02a9c9ffa092e8a541dc02f1d6144058b477348bf9403988a2a1c9a363f4ad09dc2

  • SSDEEP

    12288:N880N2Ymmt0LDXoNIzfday0rUjk5ymOcB+pwPprnv:N8RwoSz1ay0rUKLOsDFnv

Targets

    • Target

      decdb0792dc19680eb2ae0b6c5a57f36

    • Size

      571KB

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
