General

  • Target

    2fcf6fe837b6364d1fee9a5571705eed8e4cf67e34068aeb0bf435b374525998

  • Size

    2.0MB

  • Sample

    240703-yy2lfawcnj

  • MD5

    f8aa8241a5b1f06d36c10aa06098aeaa

  • SHA1

    349f4ba35e552f3763c3264155df50fe2f28390e

  • SHA256

    2fcf6fe837b6364d1fee9a5571705eed8e4cf67e34068aeb0bf435b374525998

  • SHA512

    8b8bf7e79a5dd956dc6e2fc00854acc11c129d44be939cfa1d71b7eddab739fbb84f3267597b64ec9cce7e2c3efe39360295415dc3498956beff08dec91d24fc

  • SSDEEP

    49152:C9G+HROQ/ngZYOop+qNiAImS9J+aDxeWr0y6ZnT:W3PjOjeXS9U0ey6ZT

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
