General

  • Target

    6fd3f0bb829695dbf036155c0168e674b05e9b3f04a4c20557b3d3611e62baca

  • Size

    512KB

  • Sample

    240912-2j6tdsyern

  • MD5

    2b94acc7f172ad679d500af8455d4701

  • SHA1

    57045f7fac40cabe31db0e142d284c85a3bb10d0

  • SHA256

    6fd3f0bb829695dbf036155c0168e674b05e9b3f04a4c20557b3d3611e62baca

  • SHA512

    77dd0b3a5fabe666a33c24511538eb76f9ae552be917f99295f2568381212bff47a89dfe359d5be16a92df672a2eb185c645bb3611de988e56b1a265858f8de8

  • SSDEEP

    12288:r0GXw4brt8rrekMgukAlOyz0GfPfHZDjXpO9FI/:rdXw41oikMgu1lBz0WXp9O7G

Targets

    • Target

      6fd3f0bb829695dbf036155c0168e674b05e9b3f04a4c20557b3d3611e62baca

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to or copying of the web browser credential store.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext
