General

  • Target

    bf64f0b89179c564e2ccac32d33face7727c828421044c6c132dece09c026aa3

  • Size

    305KB

  • Sample

    240417-fdel3aff4w

  • MD5

    e2d45c465fd698e29d05ce3401c01222

  • SHA1

    519160fc2c2b822644e37d1ff9e65a869a2c8278

  • SHA256

    bf64f0b89179c564e2ccac32d33face7727c828421044c6c132dece09c026aa3

  • SHA512

    45fd32bce2f548fa0f5e73621495816ede023a4fd72fefdfedb588e5d4741457b777eedd8a404ac284794df1bfa5bc48e4bcb895708f46746b235defda77c81a

  • SSDEEP

    3072:oi3GcRMXNeNhTROfvgPUVfk+rh1qURq+eLR6apNWKELZRdylkvvZqC5fyEQlEN:Pu8h8gsFkORiRRpNLELxylSRqYfys

Malware Config

Targets

    • Stealc

      Stealc is an infostealer written in C++.

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks