General

  • Target

    f9e4dd287396c1d2dbc199e17178f9c804161ea96fa3d39817a99fa5d225e6f4

  • Size

    747KB

  • Sample

    240629-fyhjfs1hka

  • MD5

    9b1e5773bd3c6d1282b4a81bde77d2ab

  • SHA1

    0e5a8820c725474414caa145e4c31ee6ed57d45c

  • SHA256

    f9e4dd287396c1d2dbc199e17178f9c804161ea96fa3d39817a99fa5d225e6f4

  • SHA512

    d46e3ac20cce70a828dc7fe4a5b6fd4fca949753f099f79e40cb9c29142bc1fff354473663db09108c83ebb760555add7e62588fc9142391d5630bb76a5d047b

  • SSDEEP

    12288:OWji9BuqnhJ0QsAz4zjCoPeLr26lCWhIYjPFigV6I1/S9jvvS0UYlnpawn1LQiV5:CuqhJ1s7uMAhIYYU6I1/WLvS0lp5nV5

Malware Config

Targets

    • Target

      f9e4dd287396c1d2dbc199e17178f9c804161ea96fa3d39817a99fa5d225e6f4

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks