General

  • Target

    78d6a6247cc90761fa4e6c107cb35497b0e14b054e42904d6b38ba3002cfa93e

  • Size

    2.6MB

  • Sample

    240811-2rkk5asfpm

  • MD5

    77ae978e70a61e48348de3de0fe1c507

  • SHA1

    b83817213588ed4a1c6d62eaf36d0ad02b5dbeb2

  • SHA256

    78d6a6247cc90761fa4e6c107cb35497b0e14b054e42904d6b38ba3002cfa93e

  • SHA512

    44d5b525a7ba8042af22918d5d27ae9d98df81a627382253a577d400f488bbf983d70dd037be7e2a07077463a31622c36571fd187e0968ea3e12a44c8c15e050

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBFB/bS:sxX7QnxrloE5dpUpCb

Malware Config

Targets

    • Target

      78d6a6247cc90761fa4e6c107cb35497b0e14b054e42904d6b38ba3002cfa93e

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to or copying of the web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks