General

  • Target

    ad2468cbb0a4d201420679240092d46d8c9b58c7cac4666d892d5cf7698f7a0d

  • Size

    2.6MB

  • Sample

    240829-cb79tazcpq

  • MD5

    481024bcac7ce4ee44228fd3cdb266bb

  • SHA1

    9a4c3849760f361aa13c5abd2473a3647d968e53

  • SHA256

    ad2468cbb0a4d201420679240092d46d8c9b58c7cac4666d892d5cf7698f7a0d

  • SHA512

    b975c302416c8581e380956c95a513595627d8bf185e088baad321dcf28612bd1de38d1956408e745425e5749c7efbe100bbf2cc3a0aeea0cf4938d4803c8d33

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBWB/bSq:sxX7QnxrloE5dpUpZbV

Targets

    • Target

      ad2468cbb0a4d201420679240092d46d8c9b58c7cac4666d892d5cf7698f7a0d

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar information.

    • Adds Run key to start application
