Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    8a54b37b52b2157d9b4db54ee42eb1c16c1bfcbe13ad4e1324d5dd8a4b602c53

  • Size

    3.2MB

  • Sample

    240805-3vc6wsweqh

  • MD5

    b2aa23a9d63c0e21ca40ee9319acd429

  • SHA1

    e27c188fb31b18e217b3bdedc294cb90eec39c62

  • SHA256

    8a54b37b52b2157d9b4db54ee42eb1c16c1bfcbe13ad4e1324d5dd8a4b602c53

  • SHA512

    8271d9d5899a015b08c2d887cce8fd7a15a1f494ea2b55d345982bb1be5f64c229e3fb098889abfb431466ab93a7d5ac5d01c087efac61080b22dd48da3150fb

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBaB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUplbVz8eLFcz

Malware Config

Targets

    • Target

      8a54b37b52b2157d9b4db54ee42eb1c16c1bfcbe13ad4e1324d5dd8a4b602c53

    • Size

      3.2MB

    • MD5

      b2aa23a9d63c0e21ca40ee9319acd429

    • SHA1

      e27c188fb31b18e217b3bdedc294cb90eec39c62

    • SHA256

      8a54b37b52b2157d9b4db54ee42eb1c16c1bfcbe13ad4e1324d5dd8a4b602c53

    • SHA512

      8271d9d5899a015b08c2d887cce8fd7a15a1f494ea2b55d345982bb1be5f64c229e3fb098889abfb431466ab93a7d5ac5d01c087efac61080b22dd48da3150fb

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBaB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUplbVz8eLFcz

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks