General

  • Target

    249400b8d9e347228077287cafdbd1792ef6453689111700421059324a9729a2

  • Size

    359KB

  • Sample

    240709-ynjymstgnh

  • MD5

    4c1c10f4a0fb6909ef3234b5c7915eab

  • SHA1

    05e02f3665e34abda550b57a110f3de3d7c31a8c

  • SHA256

    249400b8d9e347228077287cafdbd1792ef6453689111700421059324a9729a2

  • SHA512

    7a578af5ee0c5fdfc5442b5543724aaaca36ac7ee051306e52ffe7d04e3d77ed864bb0cc3f2d68c9da8512eb0c119b78b52606eb18c096fe6063cecbc865e4b1

  • SSDEEP

    6144:dXC4vgmhbIxs3NBRFC3KsadP7qxBM+5vqVB/9515vQkqS934SG06YHElP6P:dXCNi9B7cKrzqxB5FkZvFquG06/P8

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
