General

  • Target

    Toolbar.exe

  • Size

    206KB

  • Sample

    240612-jlk1lavdkg

  • MD5

    216044ee366b18762dbd88b44f17eb40

  • SHA1

    80b9e88e738bdb7fcaf5c7ad2fcc158182e3e789

  • SHA256

    8df178881e8b75967bc0d637dec79f0c8ef74aa69d34469edb6c5f54bc02d2f7

  • SHA512

    4e63a1aa05651d17801c94bbf894689f493628cb5b3e67519831a3692ae07f81fc5ebc4d624ffd44d6f8a04ad553d359c22c9be6668da1d4fff009adb5de49d2

  • SSDEEP

    3072:fes+5ywGAwXH+cn0/tftYgr6qXVd/G4b0cW5ic5dw5RjBZQ6o40n8WMsxzW:fes+5ytB3RyeUV93bO5iP5NQJ+spW

Targets

    • Target

      Device/HarddiskVolume3/Users/tomphilip/AppData/Local/Temp/NER86D7.tmp/Toolbar.exe

    • Size

      472KB

    • MD5

      0f53d59df42827e7af4fc207e600a999

    • SHA1

      bee96291323d129cf104d0fa8ecbe8aab5e4bca5

    • SHA256

      784ad117dc1cd965a561ee729f086049fe47694aa3545ea6408d2ff31917827f

    • SHA512

      1cc407b30c60b7ba865daa2036573c8c205b3710de86a8921c0c47b8e9889bd0d97512ab31160fdeb68220ff8a742fccb3230b74ca65f97c5b019acac8708cfe

    • SSDEEP

      12288:vTOAkRj7IqoRHaxYmzzxrFdLh/20lRSgi:v6AkRjyaxYmdxdLxt

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
