General

  • Target

    f2e10e8fabb22ee9e3e7c28ebd20e61ad490428dbbf8c9028b9f48f395d2e5ec

  • Size

    89KB

  • Sample

    240609-pg7lpabb34

  • MD5

    8f59041eddb5e8f1c676ca4da5393c9d

  • SHA1

    554bd197102def5065b1f4dd179c4a0e9746305e

  • SHA256

    f2e10e8fabb22ee9e3e7c28ebd20e61ad490428dbbf8c9028b9f48f395d2e5ec

  • SHA512

    c1b38b63b7ec6e3dee5d94ba8295ed7c9232384dfff5c98a8492e0d705ff5c460f14ac29a83a29ca8ccee1b635ed0760fc8035a261256ec315d4764be3edc6bb

  • SSDEEP

    1536:1MIPgEm56wnbkKC2ZyBJU066lwLCRVEB+nR/y8cmNrEIviCOzuajkrDl9HNSjA:11PgEOng1d66jRVa+n4NmNNouukrD7Hv

Malware Config

Targets

    • Detects executables containing base64 encoded User Agent

    • UPX dump on OEP (original entry point)

    • Blocklisted process makes network request

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser data, which can include saved credentials, cookies and browsing history.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
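
Two of the signatures above, "UPX packed file" and "Detects executables containing base64 encoded User Agent", are static checks that can be reproduced outside the sandbox. The script below is an added example, not tria.ge's own rule logic: it walks the PE section table to spot UPX section names (or the "UPX!" pack-header magic that survives section renaming), and searches for a base64-encoded "Mozilla/" at all three base64 alignments, decoding any run it finds. The PE image, the section names and the embedded user-agent strings are constructed in the block for illustration; nothing is read from the reported sample.

```python
"""Static checks for "UPX packed file" and "base64 encoded User Agent".
Added example; the PE image and strings below are constructed test input."""
import base64
import re
import struct

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}  # names stock UPX assigns
B64_RUN = re.compile(rb"[A-Za-z0-9+/]{16,}")     # runs long enough to hold a UA


def pe_section_names(data: bytes) -> list[bytes]:
    """Walk MZ -> e_lfanew -> COFF header -> section table, return the names."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_header_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_header_size            # COFF header is 20 bytes
    return [data[table + i * 40:table + i * 40 + 8].rstrip(b"\0")  # 40-byte entries
            for i in range(num_sections)]


def is_upx_packed(data: bytes) -> bool:
    """Section names alone miss modified UPX builds that rename them, so also
    look for the "UPX!" pack-header magic that `upx -d` itself relies on."""
    names = set(pe_section_names(data))
    return bool(names & UPX_SECTION_NAMES) or b"UPX!" in data


def base64_variants(needle: bytes) -> list[bytes]:
    """The three base64 encodings of `needle`, one per 3-byte alignment.
    Prepend 0/1/2 pad bytes, then drop the characters that depend on the pads
    (leading) or on unknown following bytes (trailing), leaving substrings
    that match wherever the needle sits inside a larger encoded string."""
    variants = []
    for k in range(3):
        enc = base64.b64encode(b"\0" * k + needle).rstrip(b"=")
        start = (0, 2, 3)[k]
        end = len(enc) if (k + len(needle)) % 3 == 0 else len(enc) - 1
        variants.append(enc[start:end])
    return variants


def decode_base64_run(run: bytes) -> bytes:
    """Decode a base64 run of unknown length by trimming up to 3 trailing chars."""
    for trim in range(4):
        chunk = run[:len(run) - trim]
        try:
            return base64.b64decode(chunk + b"=" * (-len(chunk) % 4), validate=True)
        except ValueError:
            continue
    return b""


def find_base64_user_agents(data: bytes, needle: bytes = b"Mozilla/") -> list[tuple[int, bytes]]:
    """Return (offset, decoded text) for each base64 run that encodes `needle`."""
    variants = base64_variants(needle)
    hits = []
    for m in B64_RUN.finditer(data):
        run = m.group()
        if any(v in run for v in variants):
            hits.append((m.start(), decode_base64_run(run)))
    return hits


def build_fake_pe(section_names: list[bytes], payload: bytes) -> bytes:
    """Minimal PE image (constructed): DOS stub, COFF header with no optional
    header, one 40-byte section header per name, then `payload`."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)        # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0)
    sections = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + sections + payload


# Constructed inputs: a "packed" image carrying a UA at two base64 alignments
# (offset 12 -> alignment 0, offset 7 -> alignment 1) and a clean image.
PACKED_SAMPLE = build_fake_pe(
    [b"UPX0", b"UPX1", b".rsrc"],
    b"\0" * 16
    + base64.b64encode(b"User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64)")
    + b"\0" * 8
    + base64.b64encode(b"Agent: Mozilla/5.0")
    + b"\0" * 8,
)
CLEAN_SAMPLE = build_fake_pe([b".text", b".rdata"], b"Mozilla/5.0 in the clear\0")


if __name__ == "__main__":
    for label, image in (("packed", PACKED_SAMPLE), ("clean", CLEAN_SAMPLE)):
        print(label, pe_section_names(image), "UPX" if is_upx_packed(image) else "no UPX")
        for offset, text in find_base64_user_agents(image):
            print(f"  base64 UA at 0x{offset:x}: {text!r}")
```

Run against a real file with `pe_section_names(open(path, "rb").read())`; both checks are heuristics, so a sample that renames its sections and strips the "UPX!" marker, or encodes the user agent with a custom alphabet, will not be flagged.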

MITRE ATT&CK Enterprise v15

Tasks