General

  • Target

    c27f426146b8e4db99c94e172b978a57d873c05954ed91b83a6e1af4e050702a

  • Size

    1.8MB

  • Sample

    240528-ztl6maca8w

  • MD5

    da94e3e12237250c17aed59f7b6e9e2a

  • SHA1

    13a1aac6ba264a53659b23e3f8824168f043b923

  • SHA256

    c27f426146b8e4db99c94e172b978a57d873c05954ed91b83a6e1af4e050702a

  • SHA512

    73560a004fd9fc8014288f5a3d3dfefb2c8f584fe2187c695efdbaa8b314dfd6526fdfa0a7c4da3fae3d18a6dc752fc5070d4ef0afb0047fbc184a75808c9d7c

  • SSDEEP

    24576:F3vLR2VhZBJ905EmMyPnQxhe4OLwvHYgUBoHyC/hR:F3dUZTHCLAl

Targets

    • Target

      c27f426146b8e4db99c94e172b978a57d873c05954ed91b83a6e1af4e050702a

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
