General

  • Target

    786b78d9d622b52445b8f084eaac05c208fdfc2c1c3c520e4249a2b61cb63ac5

  • Size

    7.2MB

  • Sample

    221016-c2gjsagff3

  • MD5

    85e9f3cf696b57fa40389337103d1932

  • SHA1

    336aa2100eae59601dbc0c56079efcd7562bf205

  • SHA256

    786b78d9d622b52445b8f084eaac05c208fdfc2c1c3c520e4249a2b61cb63ac5

  • SHA512

    7a6e1d0c40b07ec23b032d5339001985124b582249ec6377ab3f6d48e82453e9bc4e9ea017439a37bb7b6e2a5ffdfff74970bf201e314bbd0038250d45f1499b

  • SSDEEP

    98304:RLu1g9ZGlWrfTZmHqXE9ssD/QjI+1ozfLu1TIRtUOV5Z:Rd9JTZksaJ+1orTRt

Targets

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
