General

  • Target

    c20d58731ea9f8d62c0e7d5c47810d795e1342aa334d97ac0e9742218e29bc9e

  • Size

    5.7MB

  • Sample

    241004-dpeebs1eql

  • MD5

    40f7b3ec38608ed7c4c95b51991d9d51

  • SHA1

    d3065aa488142c6d88908507a30ccd9f2de2abb0

  • SHA256

    c20d58731ea9f8d62c0e7d5c47810d795e1342aa334d97ac0e9742218e29bc9e

  • SHA512

    62ba4b506e5dca8026b22fb9c48aea154994ce65bb6b027a1c1389404ac13ad05e65af3b6bbfe4daa463680a0571f1ee530b9256073152aa301f75c61ec8ca75

  • SSDEEP

    49152:Hd+Pv94AEsKU8ggw1g+1CART5eBiyKS3EI3wybn20DCYIHvc8ixuZm9+fWsw6dTP:HdAKUgTH2M2m9UMpu1QfLczqssnKSk

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
