General

  • Target

    8f24109054e958cd294a1f10b7d1638cdfe39bc19aa153959f1440a5972458bb

  • Size

    1.3MB

  • Sample

    240707-a1xhha1cre

  • MD5

    c3897e3e17aecbbf7e66d40bb0494d09

  • SHA1

    3b22c5a67321a12979b45717092843a4fecbeff6

  • SHA256

    8f24109054e958cd294a1f10b7d1638cdfe39bc19aa153959f1440a5972458bb

  • SHA512

    93d4e642c31e6248cac8581ce4deff1f27bd2a5408b0e648aa952d120fd18652c30009b32ec721a5d62d9f48567732dab77eb5b408b87d3555f077ddfac9b0dd

  • SSDEEP

    24576:oWWWOlRqiKJ5snpeLhHm6+S9s8kQfmTWlGHUfuaxJtX/Zel3OMP79YsasLgNjNF1:VWWKYiKJ51Lw6JY/TWlG0fJTvZel3OMa

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
