General

  • Target

    ec89c6732b95fb3585dcdcf430f8d06fc6f05e778796a526e8291730178c59b6

  • Size

    236KB

  • Sample

    240707-fs8tfsxake

  • MD5

    90a45d1cbfc0493cd2912e390a03ebed

  • SHA1

    803627aa80f2e331be2042f62074d609e5e2a442

  • SHA256

    ec89c6732b95fb3585dcdcf430f8d06fc6f05e778796a526e8291730178c59b6

  • SHA512

    f940686bb6490a4478d46b2cf057ccdb798c0a5f3d2bb975e64f9e03086dd88130878ec57cfeb396c9208a39b9e6a9562e0dee9f6d1ac27f035f595f95c34203

  • SSDEEP

    6144:dXC4vgmhbIxs3NBBFk2T6hLs2qsaJdcEU5TCn47uomjv:dXCNi9BMekG7gTC4Q

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
