General

  • Target

    ec5dcd76a232dfcd9643366e804c09b1f4ae64aff71407152f42efd25d871d4c

  • Size

    243KB

  • Sample

    240620-fpzrdavdjq

  • MD5

    88f741a5cbe54409d9b9e60db78d80b2

  • SHA1

    443c5168049a4d388fd7377c04d2a6cf87ea873f

  • SHA256

    ec5dcd76a232dfcd9643366e804c09b1f4ae64aff71407152f42efd25d871d4c

  • SHA512

    652f522cda812506bae038fa8950c9fdfdde9be6765d847c338ee0a433eb09fb1b56d67d4aa3f978876889b9bef79e1064f2778c8c1c41dd38d2f8a3e1b71b84

  • SSDEEP

    6144:dXC4vgmhbIxs3NBR3zskkSHyBiDQLyLSyV151qNv:dXCNi9BZAkljDQeLSkf1qF
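
The identifiers above are only useful if you can confirm a file in hand is the same object the report analysed. As an added example, not code from tria.ge or from the sample's report, the script below computes the four cryptographic digests listed in this section for a file in streaming fashion and compares them against the page's values. The report's own digests are copied in verbatim; everything else (function names, the chunk size, the self-check helper) is this example's choice.

```python
import hashlib
import os
import tempfile

# Digests exactly as listed in the General section of the report page.
REPORT = {
    "md5": "88f741a5cbe54409d9b9e60db78d80b2",
    "sha1": "443c5168049a4d388fd7377c04d2a6cf87ea873f",
    "sha256": "ec5dcd76a232dfcd9643366e804c09b1f4ae64aff71407152f42efd25d871d4c",
    "sha512": "652f522cda812506bae038fa8950c9fdfdde9be6765d847c338ee0a433eb09fb"
              "1b56d67d4aa3f978876889b9bef79e1064f2778c8c1c41dd38d2f8a3e1b71b84",
}


def hash_bytes(data: bytes) -> dict:
    """Lowercase hex digests of an in-memory buffer for every algorithm in REPORT."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Same digests computed over a file in 1 MiB chunks, so large samples
    never have to be loaded into memory in one piece."""
    hashers = {name: hashlib.new(name) for name in REPORT}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare_to_report(digests: dict, report: dict = REPORT) -> dict:
    """Per-algorithm match flags. Comparison is case-insensitive because
    tools disagree on hex casing (Sysmon emits upper case, hashlib lower)."""
    return {name: digests[name].lower() == report[name].lower() for name in report}


def matches_report(digests: dict, report: dict = REPORT) -> bool:
    """Accept the file only when every listed digest agrees. An MD5-only
    match is not sufficient evidence that two files are identical."""
    return all(compare_to_report(digests, report).values())


def hash_file_agrees_with_bytes(data: bytes) -> bool:
    """Self-check: the streaming and in-memory paths must produce the same digests.
    Writes the constructed buffer to a temporary file and deletes it afterwards."""
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(data)
        path = tmp.name
    try:
        return hash_file(path) == hash_bytes(data)
    finally:
        os.unlink(path)


if __name__ == "__main__":
    import sys
    # Usage: python verify_sample.py <path-to-candidate-file>
    digests = hash_file(sys.argv[1])
    for name, ok in compare_to_report(digests).items():
        print(f"{name:6s} {'match' if ok else 'MISMATCH'}  {digests[name]}")
    print("identical to reported sample" if matches_report(digests) else "not the reported sample")
```

The SSDEEP value is deliberately left out: it is a fuzzy hash for clustering near-duplicates, not an identity check, and computing it needs the third-party libfuzzy bindings rather than the standard library. On hosts running in FIPS mode, `hashlib.new("md5")` may be disabled; pass `usedforsecurity=False` (Python 3.9+) there, since MD5 is only being used as a lookup key.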

Malware Config

Targets

    • Target

      ec5dcd76a232dfcd9643366e804c09b1f4ae64aff71407152f42efd25d871d4c

    • Detects executables containing possible sandbox analysis VM usernames

      The binary contains strings matching usernames commonly used on analysis VMs, an indicator of anti-sandbox checks.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

      Persistence via a registry Run key; the referenced program is launched again at logon.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
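
Several of the behaviours listed for this target leave traces in ordinary host telemetry and can be hunted for outside the sandbox. As an added example, not part of the tria.ge report or its signature engine, the script below runs three simple rules over constructed event records laid out like Sysmon events (EventID 1 ProcessCreate with its Hashes field, EventID 13 RegistryEvent value set, EventID 11 FileCreate): a process whose SHA256 equals the reported sample hash, a value written under a CurrentVersion\Run or RunOnce key, and a file created under System32 by a process that does not itself live under C:\Windows. The event records, paths and usernames are invented for the example; only the SHA256 comes from the report.

```python
import re
from dataclasses import dataclass

# SHA256 of the sample as reported on the page.
SAMPLE_SHA256 = "ec5dcd76a232dfcd9643366e804c09b1f4ae64aff71407152f42efd25d871d4c"

# Run/RunOnce keys under CurrentVersion; deliberately does not match
# CurrentVersion\Explorer\RunMRU, which Explorer writes constantly.
RUN_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
SYSTEM32_DIR = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.IGNORECASE)
WINDOWS_DIR = re.compile(r"^[A-Z]:\\Windows\\", re.IGNORECASE)
SHA256_FIELD = re.compile(r"SHA256=([0-9A-Fa-f]{64})")

# Constructed events in a Sysmon-like shape. The first three come from the
# hypothetical infected process; the rest is benign noise a real log would contain.
EVENTS = [
    {"EventID": 1, "Image": r"C:\Users\victim\Downloads\invoice.exe",
     "Hashes": "MD5=88F741A5CBE54409D9B9E60DB78D80B2,"
               "SHA256=EC5DCD76A232DFCD9643366E804C09B1F4AE64AFF71407152F42EFD25D871D4C"},
    {"EventID": 13, "Image": r"C:\Users\victim\Downloads\invoice.exe",
     "TargetObject": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001"
                     r"\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r"C:\Users\victim\AppData\Roaming\Updater\updater.exe"},
    {"EventID": 11, "Image": r"C:\Users\victim\Downloads\invoice.exe",
     "TargetFilename": r"C:\Windows\System32\wupd.dll"},
    {"EventID": 1, "Image": r"C:\Windows\System32\notepad.exe",
     "Hashes": "SHA256=" + "0" * 64},
    {"EventID": 11, "Image": r"C:\Windows\servicing\TrustedInstaller.exe",
     "TargetFilename": r"C:\Windows\System32\catroot2\edb.log"},
    {"EventID": 13, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001"
                     r"\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\a",
     "Details": r"calc\1"},
]


@dataclass
class Finding:
    rule: str
    image: str
    detail: str


def detect(events) -> list:
    """Apply the three rules and return one Finding per matching event."""
    findings = []
    for ev in events:
        eid, image = ev.get("EventID"), ev.get("Image", "")
        if eid == 1:
            m = SHA256_FIELD.search(ev.get("Hashes", ""))
            if m and m.group(1).lower() == SAMPLE_SHA256:
                findings.append(Finding("known_sample_hash", image, m.group(1).lower()))
        elif eid == 13:
            target = ev.get("TargetObject", "")
            if RUN_KEY.search(target):
                findings.append(Finding("run_key_persistence", image,
                                        f"{target} -> {ev.get('Details', '')}"))
        elif eid == 11:
            target = ev.get("TargetFilename", "")
            # Drops into System32 by a non-Windows binary; servicing components are expected there.
            if SYSTEM32_DIR.match(target) and not WINDOWS_DIR.match(image):
                findings.append(Finding("system32_drop", image, target))
    return findings


def summarize(findings) -> dict:
    """Count findings per rule, for a quick triage view."""
    counts = {}
    for f in findings:
        counts[f.rule] = counts.get(f.rule, 0) + 1
    return counts


if __name__ == "__main__":
    for f in detect(EVENTS):
        print(f"[{f.rule}] {f.image}: {f.detail}")
```

Two of the listed behaviours are not covered on purpose: the country-code lookup and the reads of browser profile data are registry and file reads, which default Sysmon configurations do not record, so they are visible in the sandbox's API trace but would need a different telemetry source (or the dropped-file and persistence traces above) to be found on a live host. The System32 rule excludes images under C:\Windows only to cut servicing noise; a malicious process that has already written itself into that directory would need the hash rule or the Run key rule to be caught.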

MITRE ATT&CK Enterprise v15

Tasks