General

  • Target

    411f877c71de2bf4718b68510fc92d8c5b0a8b1dd145b54ccb6dbf2518ed9b43

  • Size

    1.8MB

  • Sample

    240627-zsdg4asgrk

  • MD5

    9e310bedb2289c203bc76dad55a1a3ec

  • SHA1

    0513eb8d10b4ed344e886f5494a30dcf25c7b534

  • SHA256

    411f877c71de2bf4718b68510fc92d8c5b0a8b1dd145b54ccb6dbf2518ed9b43

  • SHA512

    ccd8dec84c43fd4782e43b12a057e01c0e05f761a6b6eb24f1785069c1cd16a90fd05d8519079d0a75839d16b57b62997f897da7be96c60ef3fd1dfb12962adf

  • SSDEEP

    49152:DGlG51HkQN7v6gxNnAxUxwkfTsycJtBXnFqTvXabpdFMmAF+a:a6Eovsx3G43RXn4TWF9AF+a

Malware Config

Targets

    • Target

      411f877c71de2bf4718b68510fc92d8c5b0a8b1dd145b54ccb6dbf2518ed9b43

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser profile data, which can include saved credentials, cookies and session tokens.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.

    • Adds Run key to start application

      Writes a value under a Windows Run key so the program is launched again at logon; a common persistence technique.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

      Writes a file into the System32 directory, a location that normally requires administrative rights and is often trusted by path-based allow-lists.
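
The "UPX packed file" signature above is a static check on the PE headers. The following is an added example, not code from tria.ge or from this report, showing how such a check can be reproduced offline: it walks the PE section table, flags the stock UPX section names, and keeps section entropy as a second signal because a modified UPX build can rename its sections. The sample PE built by `build_pe` is constructed here for the demonstration and is not the submitted file; the function names and the 7.0 entropy threshold are assumptions of this example.

```python
import math
import struct
from collections import Counter
from typing import Dict, List, Tuple

# Stock UPX section names. A modified UPX build may rename these, which is why
# the entropy of the largest section is kept as a second, name-independent signal.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b"UPX!"}
ENTROPY_THRESHOLD = 7.0  # assumption: bits per byte above which a section is treated as compressed/encrypted


def shannon_entropy(buf: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for an empty buffer)."""
    if not buf:
        return 0.0
    n = len(buf)
    return -sum((c / n) * math.log2(c / n) for c in Counter(buf).values())


def pe_sections(data: bytes) -> List[Tuple[bytes, bytes]]:
    """Return (name, raw_bytes) for each section of a PE image, or [] if the headers are malformed."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    # COFF header follows the PE signature: Machine(2) NumberOfSections(2) TimeDateStamp(4)
    # PointerToSymbolTable(4) NumberOfSymbols(4) SizeOfOptionalHeader(2) Characteristics(2)
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    size_opt = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + size_opt
    sections = []
    for i in range(num_sections):
        off = table + i * 40  # each IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break
        name = data[off:off + 8].rstrip(b"\0")
        raw_size, raw_ptr = struct.unpack_from("<II", data, off + 16)
        raw = data[raw_ptr:raw_ptr + raw_size] if raw_ptr + raw_size <= len(data) else b""
        sections.append((name, raw))
    return sections


def analyze_pe(data: bytes) -> Dict[str, object]:
    """Static UPX check: stock section names, plus entropy of the largest section."""
    sections = pe_sections(data)
    names = [name for name, _ in sections]
    has_upx_names = any(name in UPX_SECTION_NAMES for name in names)
    max_entropy = max((shannon_entropy(raw) for _, raw in sections if raw), default=0.0)
    return {
        "sections": names,
        "upx_section_names": has_upx_names,
        "max_entropy": max_entropy,
        # Name match alone is conclusive; otherwise fall back to the entropy heuristic.
        "packed": has_upx_names or max_entropy >= ENTROPY_THRESHOLD,
    }


def build_pe(section_names: List[bytes], payloads: List[bytes]) -> bytes:
    """Constructed minimal PE image for testing the parser (not a real executable)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew: PE signature right after the DOS header
    n = len(section_names)
    coff = struct.pack("<HHIIIHH", 0x14C, n, 0, 0, 0, 0, 0x102)  # SizeOfOptionalHeader = 0 keeps it minimal
    raw_ptr = 0x40 + 4 + 20 + 40 * n  # raw section data starts right after the section table
    table, raw = b"", b""
    for name, payload in zip(section_names, payloads):
        table += struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), len(payload), 0x1000,
                             len(payload), raw_ptr, 0, 0, 0, 0, 0x60000020)
        raw += payload
        raw_ptr += len(payload)
    return bytes(dos) + b"PE\0\0" + coff + table + raw


if __name__ == "__main__":
    # Constructed inputs: one image with UPX section names and a high-entropy body, one plain image.
    packed = build_pe([b"UPX0", b"UPX1", b".rsrc"], [b"", bytes(range(256)) * 16, b"\0" * 64])
    plain = build_pe([b".text", b".data"], [b"\x90" * 512, b"A" * 64])
    print(analyze_pe(packed))
    print(analyze_pe(plain))
```

On a real sample the same `analyze_pe` call is run over the file bytes; a match on section names is strong evidence of stock UPX, while a high-entropy section with unremarkable names only suggests packing or encryption and should be confirmed by other means (for example, a failed `upx -d`).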

MITRE ATT&CK Enterprise v15

Tasks