General

  • Target

    518ab8123714649910d0b550fa6df7bb86333cae01b24173d817bf335614de70

  • Size

    2.8MB

  • Sample

    241027-26kjnsslbp

  • MD5

    50267d86edda877da9aea0bfc6015fe2

  • SHA1

    25c7b7e4d0a57cd84f989f52c2a4cf2b1b98513f

  • SHA256

    518ab8123714649910d0b550fa6df7bb86333cae01b24173d817bf335614de70

  • SHA512

    11a731eb534e1ad19013d9a584ac27fc192d8cdfd30f2b4432e441089160222d6a3be16a02c89c17983f8e838943cdddd7e6dc13b47964615b5f76225844d4c0

  • SSDEEP

    49152:+2NYTb8atv1orq+pEiSDTj1VyvBaMB7rGlR/tzygw3t4Ik0ZD5FJ9X+Kf/7OS2m4:LybIrqgvGlRLIRZD5FLXhTOSdhvs

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Modifies boot configuration data using bcdedit

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory
