General

  • Target

    dd9ba29e39f279589c477f7044c31cf5f9b85c6edb5b7ce5a3bdd6ca3a854a70

  • Size

    192KB

  • Sample

    221003-qk9e5aghh9

  • MD5

    631099792acfdeba2ae932a7978f54a6

  • SHA1

    5c37f8c0e13375cca7f7ce2e9a96a19f7ef3a70b

  • SHA256

    dd9ba29e39f279589c477f7044c31cf5f9b85c6edb5b7ce5a3bdd6ca3a854a70

  • SHA512

    4bd71a9749dbbada69a536488de9e363005a805415e88a384f3749ecc8fb0fc6bbc3c67a94d4d7bb13934019a68b7080970e571c695680a40b743e4bc7622eba

  • SSDEEP

    3072:8K5hkw3UT6SMhSl/VuyBzNVu5KT2Uj+TDdRJfkpkercz5PWVlI7I5:RkwClw4tfr05KpcRJcpkQcVPWVlD

Targets

    • Target

      dd9ba29e39f279589c477f7044c31cf5f9b85c6edb5b7ce5a3bdd6ca3a854a70

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Drops startup file

    • Adds Run key to start application
