General

  • Target

    3484b9ce4564f833b37a272cde5fc29987649d14ed3b7ecb4070be5d4eb74cb1

  • Size

    1.3MB

  • Sample

    241025-y9crfs1qdk

  • MD5

    72e015e1fecb856c76650fdebd96ae49

  • SHA1

    28508265808e0d34037123127a08a18324873267

  • SHA256

    3484b9ce4564f833b37a272cde5fc29987649d14ed3b7ecb4070be5d4eb74cb1

  • SHA512

    2408815038e9d8ff533e12114aa71ce39b07547539b25415ee252e6059057c090df07ac80adea0a5ed339b2494f41bea8cbd25c541b0d94986c15ba6e58284b2

  • SSDEEP

    24576:2W8hZN6J0QajUaag+e+7ZY5/UDsL/vEcr7KOoEGrsS74VeMrbT8iX82L2J:z8hW2Qa4aa77ZzifruOoEGrt7ArbT8i2

Targets

    • Target

      3484b9ce4564f833b37a272cde5fc29987649d14ed3b7ecb4070be5d4eb74cb1

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
