General

  • Target

    dd34ba23e6e9c388a0c7119da2b779707207635376c0004fa4f02215cd55aa4a

  • Size

    14.5MB

  • Sample

    221018-dvy1xseebn

  • MD5

    7eceed3fb0efd65fc4da619e19a11600

  • SHA1

    79ea888528d96adae3e42c3ca57a773479bd6852

  • SHA256

    dd34ba23e6e9c388a0c7119da2b779707207635376c0004fa4f02215cd55aa4a

  • SHA512

    5dcb297779900090c0df5a865321916b6efec9c32c7da7901f9ed8f8edb3188b6045829406e9e4842182c9e8e750ebf693e0aab3e970118f9b553c259c21b1a2

  • SSDEEP

    196608:2d9JTZksaJ+1orTRtwGfLgAtjpQFTC0rBC3s:2DJTQTReGfLgAlpYTSs

Targets

    • Target

      dd34ba23e6e9c388a0c7119da2b779707207635376c0004fa4f02215cd55aa4a

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
