General

  • Target

    6c09d4459f04f1ee2724c3dd57c2cc2699fea5bcd95653d3e117b0292001c83f

  • Size

    1.4MB

  • Sample

    240810-2hrcbawcke

  • MD5

    4a6e9c82e95a673c31f5c8c34e59a51c

  • SHA1

    2096c6941c68261e7d67f2dfe8aa28c764268b85

  • SHA256

    6c09d4459f04f1ee2724c3dd57c2cc2699fea5bcd95653d3e117b0292001c83f

  • SHA512

    e51d5d59d5402d2a049ec9ad85a964526b68562a2ffab341230ade34cb36e893c897b25356dd6b28aea899a4e4d1f9fe11ed8a19c7ca1acd5916a1a12a4d92e1

  • SSDEEP

    24576:oW4Ahlg26ZnLkqOgFQ4HT4BJesuiYF62tgAnnFzu7VOVn3M0HjetfR4C2u:V4Sl5S/vDHBsMF6YgAVCVk8Kje9S4

Targets

    • Target

      6c09d4459f04f1ee2724c3dd57c2cc2699fea5bcd95653d3e117b0292001c83f

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
