General

  • Target

    998eb7f53f0193957622c1f0975337a46095af71406f4be9963bd737a69dd927

  • Size

    177KB

  • Sample

    240829-rl745axhjk

  • MD5

    51628916327cfbc45fc7c15f2e4b5751

  • SHA1

    b609c00c6fdfd75b78b149d5ab74d029233eb709

  • SHA256

    998eb7f53f0193957622c1f0975337a46095af71406f4be9963bd737a69dd927

  • SHA512

    88511839d15701d7e851ace7bf7611329160fc2bbe8e34097f561d08f450cca139ff1bea25db0ed3e4c20ace8da78ef04e687d0a14dde3292bf29a499c4f7bd2

  • SSDEEP

    3072:BofZ4ZHUIWDfByOpGjAvb3eLG2FmDDSrDVTFooWZet3:mMHqpyOpGcj3UFmDDSrDVTSBQ3

Targets

    • Target

      998eb7f53f0193957622c1f0975337a46095af71406f4be9963bd737a69dd927

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
