General

  • Target

    7517bcff7d251ec1b91af3869182867ed8aa14be9ca5589f621590d130e71cab

  • Size

    522KB

  • Sample

    240726-3d63msvcla

  • MD5

    e24b5b983e0b899acb3805188e92bc07

  • SHA1

    913d4bd2b356af997154566b2f26764b5381e842

  • SHA256

    7517bcff7d251ec1b91af3869182867ed8aa14be9ca5589f621590d130e71cab

  • SHA512

    cd789ad944930cb6c1c0321558eb24fdb1ef89e32aefa18b70d8c755bedf9c5443423af6dc82d2d20bf6ae4dcc323f7677e59bf232eee239a5b9c33ee6eecf94

  • SSDEEP

    12288:JXCNi9BakfArT8NPCctRHpvCNLcnPDUs4GHM:sWaLT2qctRHpbDUkHM

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
