General

  • Target

    c6ac7f49caefba145a20281ddd359bcb645a95a4328e1dedb63548edbcb9227a

  • Size

    3.1MB

  • Sample

    240810-f1lnwsxdlp

  • MD5

    8fafe7f30697a37760bd5e7c8af6cc04

  • SHA1

    d2e6ea8811b095f84f837bc819f6138507ad4070

  • SHA256

    c6ac7f49caefba145a20281ddd359bcb645a95a4328e1dedb63548edbcb9227a

  • SHA512

    2d145a60f3d9959224d94178eb685a13cb00f815ec9ca306f231a7c740b0e73a6b965886da11c65e5c3a6b813e9a3f8da06857f857e753f43160bc0657f2afd8

  • SSDEEP

    49152:V0HsYSFbiGpaf60xTLKouAq2pRLHmWuRR1fQk2kwD0w/W4W:VNlex605vq2PzzMXrrSW4W

Malware Config

Targets

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
