Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    e05f47fdbb956b1308665592dfc689a41fc13f6cbb63042911a66ae99046efed

  • Size

    2.6MB

  • Sample

    240903-m13qqsvcjl

  • MD5

    bc4fad2504660b57b1a9ab066d9dde99

  • SHA1

    60d5b00523d70465f0872f06f9f439ef3a0403f2

  • SHA256

    e05f47fdbb956b1308665592dfc689a41fc13f6cbb63042911a66ae99046efed

  • SHA512

    0be5d3ff70e3d211c522bc61db0fb1a744c2c2ba8ae18afe4f2f7407bbb0e24d59bdaf01c2ae9068601ce25c279e46d55fc5d00911dd0cae25fb8d8dd259565a

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBCB/bS:sxX7QnxrloE5dpUpBb

Malware Config

Targets

    • Target

      e05f47fdbb956b1308665592dfc689a41fc13f6cbb63042911a66ae99046efed

    • Size

      2.6MB

    • MD5

      bc4fad2504660b57b1a9ab066d9dde99

    • SHA1

      60d5b00523d70465f0872f06f9f439ef3a0403f2

    • SHA256

      e05f47fdbb956b1308665592dfc689a41fc13f6cbb63042911a66ae99046efed

    • SHA512

      0be5d3ff70e3d211c522bc61db0fb1a744c2c2ba8ae18afe4f2f7407bbb0e24d59bdaf01c2ae9068601ce25c279e46d55fc5d00911dd0cae25fb8d8dd259565a

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBCB/bS:sxX7QnxrloE5dpUpBb

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks