General

  • Target

    1df4b562406c3dc156ba80a3ffa8c03eca539d4e737a63dcbc1eeb79a1e18472

  • Size

    2.6MB

  • Sample

    240921-xtgvssycjh

  • MD5

    e85314befe69377f737ca5192f3b16d3

  • SHA1

    f7dc6a51bb6c995449a5f31710cb76cd4ad72ba5

  • SHA256

    1df4b562406c3dc156ba80a3ffa8c03eca539d4e737a63dcbc1eeb79a1e18472

  • SHA512

    18b523766a99cb932ad2cf5b54ef19bcde64e864e83e04bae2d55ae4fdc65046049c1592d532c1f9824e6299081d86e982e0c293a12671e36ae4de6026c146e9

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBJB/bS:sxX7QnxrloE5dpUpmb

Malware Config

Targets

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
