General

  • Target

    d271de7fbc0339e445035966117cb366a8d19d802bb0d57031bd0870c68c3d51

  • Size

    724KB

  • Sample

    240913-cxw4nsyfqq

  • MD5

    5efc292c14d9fafc853f370a2c565dc9

  • SHA1

    4e4fd3644e2f5fb3956927af0070ac14f50cf5c2

  • SHA256

    d271de7fbc0339e445035966117cb366a8d19d802bb0d57031bd0870c68c3d51

  • SHA512

    0659ec2b72f6f9dd2031845909768832641f484712da7667e2489b8d80fa0efc3fb915591582f182ec6dac9b95e26e577967d89efefb91b2fd99cb70fe81d43b

  • SSDEEP

    12288:dXCNi9BfFgGwjT+I70ZM7JCPhcrHr+80zkaPQutfVmlffc8UmE5PUS8CFQ/UxMuX:oWEjTwG7MGDHkRVmlHc8UBS4cUTD

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
