General

  • Target

    490557c719236120c320147ee2c01e78147fcf3ceb4b7da1effb0574e2358ebe

  • Size

    86KB

  • Sample

    241027-181s1a1pan

  • MD5

    7c07f0bc05ce9165fc54305502f2bab8

  • SHA1

    2019b677e44da051bfd7a4b36d1c3c22c5640c53

  • SHA256

    490557c719236120c320147ee2c01e78147fcf3ceb4b7da1effb0574e2358ebe

  • SHA512

    373a28eaf757a720c4c481bc695340cf1c8ff0dff8dadb899370bf21038e3137f7d1e3c4b9158e6e1f24aa7cf57af7e3a1afd73a449ad8c488c5041114ee12cf

  • SSDEEP

    1536:IPwe+Zk77RNzLiTOaRbUi+QLcnC/ZMaRiIu/r:IPwe+aX3zv9nCRMaRiTT

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
