General

  • Target

    da7edaf3fa9022fa3909185bae8b3c2539e2631c5962e24a154391ecb303aba2

  • Size

    14.7MB

  • Sample

    221018-2y7dgaeae3

  • MD5

    60721a9879aa18c266d0c3a658acfd5a

  • SHA1

    efa159cee753c89944d1aaa729d34dc4f79a1568

  • SHA256

    da7edaf3fa9022fa3909185bae8b3c2539e2631c5962e24a154391ecb303aba2

  • SHA512

    1cc0b13b40231df5c946fadc21d9848e7d27173a9fb0db7a34c89d9d95f56a4e0a09d2a5318f3e1dfeb4096c75b4ad316fa7a2d09ab3cd5da3c81fbc19bc1992

  • SSDEEP

    98304:OLu13/Jk2Ph05e+g3XBBqa2ZZzRTC0rBC3FO:OikgcN8BBYFTC0rBC3s

Targets

    • Target

      da7edaf3fa9022fa3909185bae8b3c2539e2631c5962e24a154391ecb303aba2

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
