General

  • Target

    67fe5a639525c28751b2b8492a538602846c54fd7818547dcfcd3a3f2a691533

  • Size

    910KB

  • Sample

    221012-klg5dadagp

  • MD5

    dd9d34b2bcaf57ed5192ca1b73139a46

  • SHA1

    5b3e4f618ab14b7ac03dfd732fede5ace95d5566

  • SHA256

    67fe5a639525c28751b2b8492a538602846c54fd7818547dcfcd3a3f2a691533

  • SHA512

    ea8484bf6bf6722a5adf0417583ca267aa03704b72d39ab3fa90159e95fd298297d78f762e909330d2e71d9adf41e60f7b293a7b7f4ebcefffca2eafe5e81307

  • SSDEEP

    24576:lKKKKKKKKKKKKKKKKKN7ChBWMQ+uSJJd1BQzK:ZjLuSh1BAK

Malware Config

Targets

    • Target

      67fe5a639525c28751b2b8492a538602846c54fd7818547dcfcd3a3f2a691533

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v6

Tasks