General

  • Target

    01d493e7415a82b5a64160b87211f910N

  • Size

    2.6MB

  • Sample

    240913-pxtd1a1hmb

  • MD5

    01d493e7415a82b5a64160b87211f910

  • SHA1

    f78e6f1a77993fe37b4fa697c55052e1673e641c

  • SHA256

    2f449deb736202e157a39a58813c88dcd28382db43e325391b5cad190fbd132b

  • SHA512

    aabd323df5fe5afb83440d9cefa2240d901b7e15360e70d74f9c1996e5662f5054354a7a766932c931174317c47bbcde1ad65d84b5d16f599c332dd6918c4749

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBWB/bS:sxX7QnxrloE5dpUpNb

Targets

    • Target

      01d493e7415a82b5a64160b87211f910N

    • Size

      2.6MB

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
