General

  • Target

    Set-up.exe

  • Size

    6.7MB

  • Sample

    241003-1xasfayfjl

  • MD5

    e8f6d16ad939c06d972ed7afb3bcf335

  • SHA1

    a7c1b12fc853a28d468b5fa9bc7e6be63a05b4f2

  • SHA256

    5df593109be04e8263413ee6afbebe8f136cd0136e2fc7b070a19099f7ab015d

  • SHA512

    79d4a997a9a85f76871d9f5df74444f481de040651c904007ff5a626ecd7f5cdd5ecb47d274d82351d49f5de71cdff0502fc2b0735897844ee19cf79bb5498e6

  • SSDEEP

    196608:gONiBa+mq9aq5g7PLnYiJGb6/CdnK8dN:gONiBa+mq9aq5g7PLnYiJGbb

Targets

    • Target

      Set-up.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
