General

  • Target

    98df5929746b5a9843f8f1396506f6033b30a4267a65523c62d5ead0189bfc9a

  • Size

    2.6MB

  • Sample

    240913-azr7dsveje

  • MD5

    37862b8d08be0d8b3e5c24bf546f045e

  • SHA1

    94586846c58c3ea3fc036e050b151f90617dfe8b

  • SHA256

    98df5929746b5a9843f8f1396506f6033b30a4267a65523c62d5ead0189bfc9a

  • SHA512

    917229846f2fc8b109356f66d58915694288001d86eef6243f82c2ceea42cb7764d4e3f9cba0f33cfa13d5b67f00a08642d4ca800e151636bb35c00aa02bb583

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB4B/bS:sxX7QnxrloE5dpUpDb

Targets

    • Target

      98df5929746b5a9843f8f1396506f6033b30a4267a65523c62d5ead0189bfc9a

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
