General

  • Target

    16c7368a03629d421a298d675f64cc94a338be75f8a7dc676b2e7562128c1427

  • Size

    874KB

  • Sample

    241017-xkpjaazemd

  • MD5

    01c875521f3c15d155e80017c296e884

  • SHA1

    cbff30d3c3a83613ede4be222138ac1222120262

  • SHA256

    16c7368a03629d421a298d675f64cc94a338be75f8a7dc676b2e7562128c1427

  • SHA512

    b41f0aac37cff7cdb173aa69bf0a0a023fca549266216a6fb5d2a97a30e449018a26d6b2ecffc720b95edc1de1ce2ad3df46fe152387d6e691167ae00f12c70d

  • SSDEEP

    24576:ksFmJ1R7GQLSCjtIu6P339SSgT7cu6P339SSgT7:pmJ1RGtCjyvNSFTwvNSFT

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks