General

  • Target

    5e7b0dd53f4f74b7ff71b7a58376bc95fce2ad1d71d52a416ea434781dc45794

  • Size

    1.8MB

  • Sample

    240806-17ty3asdrp

  • MD5

    bc46dd9f261536dcd82845756f25c27a

  • SHA1

    2cb693edc56a73198fdea701142a2695cd470b93

  • SHA256

    5e7b0dd53f4f74b7ff71b7a58376bc95fce2ad1d71d52a416ea434781dc45794

  • SHA512

    d05a5b9f90491d5b72134afb5bb98978b0b360c8438dfa1e765e33c0243df5c7be21103a410641af3600737c298490466bc9aff7de969e38bbf48ce0b784861f

  • SSDEEP

    49152:Vuds7C+tfpaQmjiCrO0NKvhpSgqlHHOFQ7nIkZTOY/OOS:8s7C+tfp8iC8vr3WHHOFs5TO0BS

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
