General

  • Target

    42c2882aa22d20f479ae0f557bd1c31f

  • Size

    1.3MB

  • Sample

    240409-197ypsee32

  • MD5

    42c2882aa22d20f479ae0f557bd1c31f

  • SHA1

    f8b392739751efe14fafb13d188ac680cb05eb6d

  • SHA256

    01251d650599ba1c7d04ada7e178b1a58dfc1048dfeb9a10f85aa96464457567

  • SHA512

    769aa65e2ca80cdc2f0c415b330857f6657afeee4dcaa6ccf01a7243a23092a0eada8806745cc4b82d13bb7248d74399ae174c2909135faabf1fbb6e2c29df80

  • SSDEEP

    24576:0BTXVm/Jnel5yRgxM3IwMeM1T9N0NhS+5igwcFdsoukZ3bq7AIp:AXVmx23e6JN0NhTigwcfsnkpqt

Malware Config

Targets

    • Target

      42c2882aa22d20f479ae0f557bd1c31f

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks