Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    ReportingServecesService.exe

  • Size

    158KB

  • Sample

    220923-th7ejaahan

  • MD5

    a8e214683307adaff39783dc656b398a

  • SHA1

    a4f0e624bd1292130ac46d242e42f33b724665bf

  • SHA256

    df64e87ecb30f4cadf54f2c1b3d3cba8cc2d315db0fd4af2d11add57baa56f6a

  • SHA512

    9dacd78fdecc64fb5ead740e5e3cd4248bf46a45f1c70dbde950a8231a44dedd961a6f05d44983accfa519193ea466901ac7e7e6725b66fed9fe2e4ccf10429c

  • SSDEEP

    3072:y15pcSM4lVY8n8q4wJ8YB5mvig79NvGBdY04cABYK5lht9Raz+BVfRoio+00C/:y15pcKVfJ8MI7XvQLfAW6t5BdFC/

Malware Config

Targets

    • Target

      ReportingServecesService.exe

    • Size

      158KB

    • MD5

      a8e214683307adaff39783dc656b398a

    • SHA1

      a4f0e624bd1292130ac46d242e42f33b724665bf

    • SHA256

      df64e87ecb30f4cadf54f2c1b3d3cba8cc2d315db0fd4af2d11add57baa56f6a

    • SHA512

      9dacd78fdecc64fb5ead740e5e3cd4248bf46a45f1c70dbde950a8231a44dedd961a6f05d44983accfa519193ea466901ac7e7e6725b66fed9fe2e4ccf10429c

    • SSDEEP

      3072:y15pcSM4lVY8n8q4wJ8YB5mvig79NvGBdY04cABYK5lht9Raz+BVfRoio+00C/:y15pcKVfJ8MI7XvQLfAW6t5BdFC/

    Score
    9/10
    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks