General

  • Target

    d185acf237f9b43928cbebb1c00d2dc39cb141b8d4a56913f2f5be37cc2b4236

  • Size

    1.9MB

  • Sample

    240823-3hv6yatcmb

  • MD5

    7ea756f94d83df9268c173c8a0a7bda6

  • SHA1

    ad059ad95694a032ba4ef46b3ed987a994e0a6e6

  • SHA256

    d185acf237f9b43928cbebb1c00d2dc39cb141b8d4a56913f2f5be37cc2b4236

  • SHA512

    3407da08086c9b5afcc85a520a9b0dfa6fb97bf5b23c5df48ab25a40751ae1f73687617b85129e83b5c1fe60ad3610b02c6fcf032ca1bf7fbdd28caaaa35e9a2

  • SSDEEP

    49152:IsvSCS63vsMMIfhbEZKn+g4WyxxQRWkokhU:IsqCS63vsMMybgKCWyxx0DokhU

Targets

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
