Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
bd9223a89261ed0145e6a33c455d6fa6a00f7ddbb754646612682e6c624d14d3
-
Size
7.3MB
-
Sample
240501-3wbpfsag7z
-
MD5
49c1c3d1621a7af828cde4e712a64f26
-
SHA1
ba16d384f3fbd954eaa8deab2808e2341fd7466e
-
SHA256
bd9223a89261ed0145e6a33c455d6fa6a00f7ddbb754646612682e6c624d14d3
-
SHA512
0a954fe59edfc36d62859f8ca9cd32d5043662f92aa2c4d136fee185ec3c3ce305d1f0c55dc1301eb1956fb6885dff973ba2b0074dad5ffaac9e95b712f4398f
-
SSDEEP
196608:91OBiBwIPypbHKxKJAkezCFo3+vy80LtkJL5e+2Xo:3OBiB/P4b/e6K/jaDwo
Malware Config
Targets
-
-
Target
bd9223a89261ed0145e6a33c455d6fa6a00f7ddbb754646612682e6c624d14d3
-
Size
7.3MB
-
MD5
49c1c3d1621a7af828cde4e712a64f26
-
SHA1
ba16d384f3fbd954eaa8deab2808e2341fd7466e
-
SHA256
bd9223a89261ed0145e6a33c455d6fa6a00f7ddbb754646612682e6c624d14d3
-
SHA512
0a954fe59edfc36d62859f8ca9cd32d5043662f92aa2c4d136fee185ec3c3ce305d1f0c55dc1301eb1956fb6885dff973ba2b0074dad5ffaac9e95b712f4398f
-
SSDEEP
196608:91OBiBwIPypbHKxKJAkezCFo3+vy80LtkJL5e+2Xo:3OBiB/P4b/e6K/jaDwo
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Windows security bypass
-
Blocklisted process makes network request
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-