General

  • Target

    2024-09-27_456fa0e3c8dac4b0601aae86f24183ea_avoslocker

  • Size

    2.0MB

  • Sample

    240927-vh8g9ssbrk

  • MD5

    456fa0e3c8dac4b0601aae86f24183ea

  • SHA1

    b818914aaf00c6817169cfc30f37812b807013e2

  • SHA256

    6365be55d95a945a7d126efc1ab301fde9821c799b68a7f957b18fb6c68b118c

  • SHA512

    542c28798bf1ca234be2eef5d0fac7138b0baf037b65452abbc6570d3d910b79c4891197328b8fb927bb82c6eb29f42f08f0fcb79caf8c805493b1b6fd09cdd7

  • SSDEEP

    49152:lencs7Qc0FK79/Ves7FozshjPHYnsABxi4Dmg27RnWGj:lency/Ves7WwhjPGD527BWG

Targets

    • Target

      2024-09-27_456fa0e3c8dac4b0601aae86f24183ea_avoslocker

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks whether UAC is enabled

    • Drops file in System32 directory
