General

  • Target

    16dfd229d41b1d8ebdf011cdd3238940.bin

  • Size

    1.5MB

  • Sample

    240708-by4z8sycpg

  • MD5

    16dfd229d41b1d8ebdf011cdd3238940

  • SHA1

    26c8273135e1acc5fd0f1eccfda56db59a6cf8b9

  • SHA256

    01fc299daaaf509c8b01d05c6a79912f6720b5d2a6a6b192f0bf95bdfd6a3816

  • SHA512

    4e73534e5ab441442bcc28509e10b7825215173876fa380508cc3d298a918b6069822b8e8d9851d9a4570296a32e86098fb49959ce7bbc5aff3c15373f35ad70

  • SSDEEP

    49152:Vhs5lCgD/32Nl7D1siQGKcAd2SygjMNgmcn:I5lCgD/32NJcckMgP

Malware Config

Targets

    • Target

      16dfd229d41b1d8ebdf011cdd3238940.bin

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials among other sensitive data.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks