General

  • Target

    63d695c55d5b6bac972eef63933f6d2cc5ec76c9240e0d28e5cf94864be784dd

  • Size

    134KB

  • Sample

    240406-1k46hsbg9s

  • MD5

    3051f39fe2070585a319c6fef26f13e0

  • SHA1

    3322c25ab5c5aa2031bafa29684c8471c5457f9b

  • SHA256

    63d695c55d5b6bac972eef63933f6d2cc5ec76c9240e0d28e5cf94864be784dd

  • SHA512

    79c01e6f97d5d1c4e04eb797ee544121cfbf49dd82a430045b9f6a1c5ef01b9a35c10a8e834b0a4d04be8605404c15429ad011b14fd51c5bae3df09c25de80b6

  • SSDEEP

    3072:6hiBJIziTRFyG/MaeHDhjuaEuJTudcrExXmRrdm:fBJIziFFyG/XsuduJT0xXmZU

Targets

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

    • Adds Run key to start application
