General

  • Target

    2f48478d6e129ed9b142eec7b8d2063f85e8296bfbaca5a1da8ebea26e344958N

  • Size

    5.0MB

  • Sample

    241005-gtlkzszbjn

  • MD5

    83fcb5ac7f852a8c55ecad65d83e8450

  • SHA1

    72504900c20f1c186fb582867392caf31dabc545

  • SHA256

    2f48478d6e129ed9b142eec7b8d2063f85e8296bfbaca5a1da8ebea26e344958

  • SHA512

    1c1abc3c9d3ebbf5577090fc506513cfdcb08544a8e4e12a4f881f8db4b5c52966590a8dd4a26f8d9ceba2f26241d19f597633a1aa28fa783f56700a6db270a2

  • SSDEEP

    24576:qIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII3:

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Drops file in Drivers directory

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks