General

  • Target

    5a87a704d0e2e7bc2213db0e6298f125c080c468ed8ea3680d7d7e2ecf626a9d

  • Size

    1.4MB

  • Sample

    241014-2vpn9a1akd

  • MD5

    8b56e049371d0ad4667839b19abad608

  • SHA1

    3b1f8dd9568dd6a905d2b0aa65f6886970649cde

  • SHA256

    5a87a704d0e2e7bc2213db0e6298f125c080c468ed8ea3680d7d7e2ecf626a9d

  • SHA512

    ca59335f0cd508c201011e61a8ae653aec989922afe4c85e403ea77d56608fecc1b7e0727be2c06fed0ad95477aace7d1a3dfc813f8285de0ce1bd6be0b1a191

  • SSDEEP

    24576:h+SFQyRru2P6TW+/OMiFhTCRQwG6F5/xsSSBl76xPbdHURIcNTKarBI:NZubTWLb33s/xkl76FZUKaKarB

Malware Config

Targets

    • Target

      5a87a704d0e2e7bc2213db0e6298f125c080c468ed8ea3680d7d7e2ecf626a9d

    • Sets service image path in registry

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
