General

  • Target

    571fc924f15567b238690533831137abe246a0cbfda782112b1a93af487f49f4

  • Size

    2.7MB

  • Sample

    240809-1gsy3szfqk

  • MD5

    07f2d7a5e261847251ccb427b2bd5d00

  • SHA1

    29018e3c6793003f7240ebd76de6a12c5d6932b5

  • SHA256

    571fc924f15567b238690533831137abe246a0cbfda782112b1a93af487f49f4

  • SHA512

    7a5641521cf24264ce33ba5c8f4ba6eba2ce18a187c2c9ae7d0d66833c9fb05702b5e939d713f9eb0d033389c45cfb246233786a4b55f1f7a04c03b3c44ea387

  • SSDEEP

    49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBJ9w4S+:+R0pI/IQlUoMPdmpSpF4X

Targets

    • Target

      571fc924f15567b238690533831137abe246a0cbfda782112b1a93af487f49f4

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
