Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
61b4067e5ad5b238bcdfe7b5315cea3c367c248a6e0d417c7e3e600f222324a4.exe
-
Size
80KB
-
Sample
221016-h5knhaghdq
-
MD5
1eeb73808e0b05f9ab564a762e3587c5
-
SHA1
65a36c44f6483666088d22651ab022890246ade0
-
SHA256
61b4067e5ad5b238bcdfe7b5315cea3c367c248a6e0d417c7e3e600f222324a4
-
SHA512
b8fa2d102bd5e583956a99b0761847a518bd87d7a712acde886763ee954628612404436978a0cac38ae25e6981f8112b007562ee4fe41e78bb641d51fc178606
-
SSDEEP
1536:ra98My3ia98My3ia98My3ia98My3ia98My3ia98My3ia98My3ia98M:e98My3598My3598My3598My3598My35l
Malware Config
Targets
-
-
Target
61b4067e5ad5b238bcdfe7b5315cea3c367c248a6e0d417c7e3e600f222324a4.exe
-
Size
80KB
-
MD5
1eeb73808e0b05f9ab564a762e3587c5
-
SHA1
65a36c44f6483666088d22651ab022890246ade0
-
SHA256
61b4067e5ad5b238bcdfe7b5315cea3c367c248a6e0d417c7e3e600f222324a4
-
SHA512
b8fa2d102bd5e583956a99b0761847a518bd87d7a712acde886763ee954628612404436978a0cac38ae25e6981f8112b007562ee4fe41e78bb641d51fc178606
-
SSDEEP
1536:ra98My3ia98My3ia98My3ia98My3ia98My3ia98My3ia98My3ia98M:e98My3598My3598My3598My3598My35l
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-