General

  • Target

    69b5b243de762aa8f31b3a5de880576143985eb0c69e10b63e0c2d8cbf139456

  • Size

    717KB

  • Sample

    240406-1tachacb5y

  • MD5

    4dd82bd0cb0a6b0c9cdfed3ab7896609

  • SHA1

    a0b822a2b776d54c7f4dadf1a4b3c8dd5628ecff

  • SHA256

    69b5b243de762aa8f31b3a5de880576143985eb0c69e10b63e0c2d8cbf139456

  • SHA512

    b335cf0c09b817ea755408dbf9e27d6d48cc333aa14f5f08f50293db37194db38f865a4e8a66a4cee5e84c7fd4b42c4f1f518ed33b36b5ba3b28c2ae0c348294

  • SSDEEP

    12288:oGHasii9BmqUP2AI9YjiFkDSi/2hCV+A5KFSBIJ0wC8wbIiHOzw8YBGMNY:86mZPzZDdehSw6EOOzwzXY

Targets

    • Target

      69b5b243de762aa8f31b3a5de880576143985eb0c69e10b63e0c2d8cbf139456

    • Detects executables containing possible sandbox analysis VM usernames

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks