General

  • Target

    2079d28cfe9bac1b838dbf96dd395c078e662253f4287e2f610c6a3b712f9b4e

  • Size

    2.1MB

  • Sample

    240710-yrkz4sxcqq

  • MD5

    9495808a40897beecc1a9478139eb1aa

  • SHA1

    66d0f09e5de0769f70e9511301aa826379f85129

  • SHA256

    2079d28cfe9bac1b838dbf96dd395c078e662253f4287e2f610c6a3b712f9b4e

  • SHA512

    24b052258243f7892adfb3feb153b6060d086f4cc2765a7c011871d8ab1b6f4970022cb2c3bbe589b93f7c59263656d048fe09d58c36608eb478b8f5cf85371c

  • SSDEEP

    49152:5NcghdUL2FC24pVtjkVz4nPDusl8g9GqgCqWmrZl/XcSC5GRjq:Hcghdy4j4pV1kmn7us10qjqW/bH

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
