General

  • Target

    ec0634d34dbc58217f1fa775c5fcf4222ca8f18886435b6c46049b2dd40d5c92

  • Size

    1.3MB

  • Sample

    240508-mgsfnafh3z

  • MD5

    e0525d62c2d2d276cd6b0c7ee8ba40ed

  • SHA1

    adf8f71d60238eb655c1ae7f7d502970be252e50

  • SHA256

    ec0634d34dbc58217f1fa775c5fcf4222ca8f18886435b6c46049b2dd40d5c92

  • SHA512

    a87c2a3b0445a2c95646671c46a5e74147146a7d2ff623cc4a50c17df0b01e713aa85552d1d2a5fbb7d710f4abdfb8e6bec91b88f50ca0a1812341e30d9f8b81

  • SSDEEP

    24576:Qak/7Nk4RZOS+5DKZu0zoFmDcpii9iGn+66rLfJIgtEqPILWz8oDqE:Qak/DM2Zu+k0WdEacJRIo+E

Malware Config

Targets

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
