Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    f86a92ea33162946b7b5ef25c95e1534a84b9ed9a64b94507dd11aab9dcc4f9f

  • Size

    2.6MB

  • Sample

    240903-g8smva1clh

  • MD5

    da7357080a48912241f2e0f1ae7907df

  • SHA1

    a5a2562f25b886324bfa83be2d03bde60906fb65

  • SHA256

    f86a92ea33162946b7b5ef25c95e1534a84b9ed9a64b94507dd11aab9dcc4f9f

  • SHA512

    0de4f257c532dcbc30774801eaf089d41a62ae6d9b925e858a894a33f5399b22842380250e86016474dd4aae5de0d8ab1c17e17e127413d24b28899e70c2d2c9

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB1B/bS:sxX7QnxrloE5dpUpyb

Malware Config

Targets

    • Target

      f86a92ea33162946b7b5ef25c95e1534a84b9ed9a64b94507dd11aab9dcc4f9f

    • Size

      2.6MB

    • MD5

      da7357080a48912241f2e0f1ae7907df

    • SHA1

      a5a2562f25b886324bfa83be2d03bde60906fb65

    • SHA256

      f86a92ea33162946b7b5ef25c95e1534a84b9ed9a64b94507dd11aab9dcc4f9f

    • SHA512

      0de4f257c532dcbc30774801eaf089d41a62ae6d9b925e858a894a33f5399b22842380250e86016474dd4aae5de0d8ab1c17e17e127413d24b28899e70c2d2c9

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB1B/bS:sxX7QnxrloE5dpUpyb

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks