General

  • Target

    6a03af0f09818c405bea61cc21b6581f

  • Size

    106KB

  • Sample

    240409-2py1qsff75

  • MD5

    6a03af0f09818c405bea61cc21b6581f

  • SHA1

    ef577f8861f1f126f5afd7a02ad1e033f93b6e66

  • SHA256

    c6f9bf01583b17a4dbbee494ebdd901aa3b12723ebef43d5e39fbbb7936b2e23

  • SHA512

    c7947facd23c6779a4f5fc824b64c8429a6a30756396d65c9d0246b4fc68ffdd86501f9d0f50d56f396b6c75ad3d07f92008b982560d0f3bd8a0373e1563cf0f

  • SSDEEP

    3072:oGqIGRpTa9p1om9PW/pqqsFUCN3R9MI+I0ZfG:oGHGRpO9p1om9+xs3NBBSG

Targets

    • Target

      6a03af0f09818c405bea61cc21b6581f

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
