General

  • Target

    c4686401f7bd6af7a0a62939dfedf1953e03e6e4fbe14c703b43639b0e30d51d

  • Size

    57KB

  • Sample

    240921-qnckkavblp

  • MD5

    6eaa9cf5e8cc31d44c4b06db983d23fa

  • SHA1

    9c2b88a178951648eb1c8f729ef8c8386f020a61

  • SHA256

    c4686401f7bd6af7a0a62939dfedf1953e03e6e4fbe14c703b43639b0e30d51d

  • SHA512

    8522ea7cc70aa3c9188580a972e61063b7e91eedb84e946ccf020adbb8ff9d3a2d5adbf7ee8486eb8e7e3ddf030d5f09613f309fcd0ce942cc5a8233086139ab

  • SSDEEP

    1536:2+aYzMXqtGNttyeiZnZLYm1R6jWWvr78Pxc:2+aY46tGNttyeQLYm1ReWWvrQxc

Targets

    • Target

      c4686401f7bd6af7a0a62939dfedf1953e03e6e4fbe14c703b43639b0e30d51d

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
