General

  • Target

    726768811acec726579b43473424e918.zip

  • Size

    55KB

  • Sample

    240901-plgk3azhjm

  • MD5

    37bf44ba619f002cb874b7ed5a258fb6

  • SHA1

    c7ef0bbea46d4c5f5b9136c0749b4f31656cc8af

  • SHA256

    c810876ac7546e0603dc94afd946d25a4703b5893441e65ba51e7eb7f19d13b4

  • SHA512

    ff4b3fa387bc2224c39f58fa8cb8cd3a98a20bde61faf5bdfc6b8f5467e154bbb6a3a53cbed03b24899300c99d8b0084fae01589c5eb73b2c2fb137c01b46e46

  • SSDEEP

    1536:Owg0bsqMm3I9chlbEF8KkUjWh+pnCHJxpuM3sUlr:PtDMm3DADljWYel7lr

Targets

    • Target

      c84151048330d1085ae26925e2a80a9067e98d7e1a5684ce6daeb86d1df901cb

    • Size

      64KB

    • MD5

      726768811acec726579b43473424e918

    • SHA1

      92e487dde00a65db83ee026294564b3b15e434c1

    • SHA256

      c84151048330d1085ae26925e2a80a9067e98d7e1a5684ce6daeb86d1df901cb

    • SHA512

      9f3bbd9d5755cada4719360a9686ad5a05591df50bf0fe0cfbdd0858a90aa875180d79fe23da1157e0c4c3b71b99a19a5d58f485e65005faa21838f9c963cc67

    • SSDEEP

      1536:QztPr2C7b7nKMMm/XC3p2a4eWiHZ01lky1XvuSNl0ft:Gtia/nKMMm/Xm2HeWy4lNXvvNo

    • Credentials from Password Stores: Windows Credential Manager

      Suspicious access to Credentials History.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Adds Run key to start application
