General

  • Target

    64168c65367679a343301b04e94572a90e95c5407ca110856f34749ab7688356

  • Size

    322KB

  • Sample

    240406-1lf53sbg9z

  • MD5

    7b4d6f2cca5f5ca5bacddcdc28ef03b4

  • SHA1

    d5eb579552aed7c5dd8a26138ca0c49a0053ca11

  • SHA256

    64168c65367679a343301b04e94572a90e95c5407ca110856f34749ab7688356

  • SHA512

    ba39879d5d2d4a4c8873b082a8aafb586f950c1d9de09b434f1a69c5b96e2180c0ba11b6839623f749cc297c0f1e1971754d5bd1676b89c281160a9708210c09

  • SSDEEP

    6144:9rTfUHeeSKOS9ccFKk3Y9t9YBZ9JmkU7ivL:9n8yN0Mr8/9JBU76

Targets

    • Target

      64168c65367679a343301b04e94572a90e95c5407ca110856f34749ab7688356

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
