General

  • Target

    3c52d0490b806dcaea4b3638547d86240c00451699a1b35150fe3c992cdfc09c

  • Size

    4.5MB

  • Sample

    240921-zh7cessflb

  • MD5

    0ea605a1d37f58fd69b564d3468acadd

  • SHA1

    a505d7edc719afb52863775c88beef51b338c129

  • SHA256

    3c52d0490b806dcaea4b3638547d86240c00451699a1b35150fe3c992cdfc09c

  • SHA512

    3f5b030379348759917c316c2ffb4f9d971ea6767bc903fb7ac6516dadfac680be8b009e817bb978fdfaf5baf545bec19dd8938573bc4c38458ffdb7b0731c56

  • SSDEEP

    98304:CuWRw5bLGZWJ1GWk0y5rmhpJai8vhARFXM4jy+b+B5231DXqpYdVLEQ:CK5+35rQai8vhqFNyXB5OiUV4Q

Targets

    • Target

      3c52d0490b806dcaea4b3638547d86240c00451699a1b35150fe3c992cdfc09c

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
