Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    170e58ad15c295b733caca94b3737c7a7e145562bec4c940dd9030e7bf2cb9a6

  • Size

    10.4MB

  • Sample

    240821-w2zvxaxcrl

  • MD5

    8cc689ef8ff2c65b2b34469c0a586cc1

  • SHA1

    51917ae28e6a1a35eb5825d46debcf8e62148bd1

  • SHA256

    170e58ad15c295b733caca94b3737c7a7e145562bec4c940dd9030e7bf2cb9a6

  • SHA512

    7b8346360f4f964eeed16a25416f11a0392c18d64b2a6878665225500df8f26dd78f3cbafbfd571f283fe343f688a407cf0f720a1b328f08fcb8fce477f45ec4

  • SSDEEP

    196608:uVBPUSSJ7PbDdh0HtQba8z1sjzkAilU4I4:ubs5J7PbDjOQba8psjzyz

Malware Config

Targets

    • Target

      170e58ad15c295b733caca94b3737c7a7e145562bec4c940dd9030e7bf2cb9a6

    • Size

      10.4MB

    • MD5

      8cc689ef8ff2c65b2b34469c0a586cc1

    • SHA1

      51917ae28e6a1a35eb5825d46debcf8e62148bd1

    • SHA256

      170e58ad15c295b733caca94b3737c7a7e145562bec4c940dd9030e7bf2cb9a6

    • SHA512

      7b8346360f4f964eeed16a25416f11a0392c18d64b2a6878665225500df8f26dd78f3cbafbfd571f283fe343f688a407cf0f720a1b328f08fcb8fce477f45ec4

    • SSDEEP

      196608:uVBPUSSJ7PbDdh0HtQba8z1sjzkAilU4I4:ubs5J7PbDjOQba8psjzyz

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks