General

  • Target

    cf0c251764262cede0746890cbd47aaddbd1933e024d9c75e915bd8c7e1d7dd4

  • Size

    2.6MB

  • Sample

    240826-cjfjrs1anp

  • MD5

    fdd33110bdfc28bf3ebbba69b739b5c4

  • SHA1

    bedb76dcea5ebd1257dd985ec6ae23175f013bf4

  • SHA256

    cf0c251764262cede0746890cbd47aaddbd1933e024d9c75e915bd8c7e1d7dd4

  • SHA512

    289618e4814f7b13995c6c157d74d45a3409c9d6846362ac3b49efe591b2f8f0b2ca7b4952d4d4f40b73471c10cfa5a538d88e0b80c5c4ed860ec94e9a23df89

  • SSDEEP

    24576:+A8vyrepIND/0bfSPdaY0RFo3UR+h+8fEvdDrGnrdEROGHOhnLegMZt4zEyje0sF:+A81IJP4qnEvdDqnroHOZL2h0JHHO

Malware Config

Targets

    • Target

      cf0c251764262cede0746890cbd47aaddbd1933e024d9c75e915bd8c7e1d7dd4

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
