Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1bdff57838c33d4b7dc2d58178d9b13efdec6d1af276935138665483be35b53a.exe
-
Size
15.1MB
-
Sample
221016-qnpj5ahedp
-
MD5
1a99900ee0afba0212d2189cae906774
-
SHA1
d48d3d6ea535bf258f2a62882b236a881c30609d
-
SHA256
1bdff57838c33d4b7dc2d58178d9b13efdec6d1af276935138665483be35b53a
-
SHA512
1939991c2c60d2daf857d0a54e1c5bcc8f90f9292d685e93f475773aa37d4365b71817c1635cacfefa881b1db781e2689687d3a508e799956ca78dca3f149e87
-
SSDEEP
98304:tLu13/Jk2Ph05e+g3FXBBqa2ZZzRTC0rBC3FO:tikgcNiBBYFTC0rBC3s
Malware Config
Targets
-
-
Target
1bdff57838c33d4b7dc2d58178d9b13efdec6d1af276935138665483be35b53a.exe
-
Size
15.1MB
-
MD5
1a99900ee0afba0212d2189cae906774
-
SHA1
d48d3d6ea535bf258f2a62882b236a881c30609d
-
SHA256
1bdff57838c33d4b7dc2d58178d9b13efdec6d1af276935138665483be35b53a
-
SHA512
1939991c2c60d2daf857d0a54e1c5bcc8f90f9292d685e93f475773aa37d4365b71817c1635cacfefa881b1db781e2689687d3a508e799956ca78dca3f149e87
-
SSDEEP
98304:tLu13/Jk2Ph05e+g3FXBBqa2ZZzRTC0rBC3FO:tikgcNiBBYFTC0rBC3s
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-