General

  • Target

    c9a311b32a19e1de38a0cd35636bd2af933033e2e57a488464bf0c22d06ba6ed

  • Size

    1.0MB

  • Sample

    221018-xbcs5aghgk

  • MD5

    ac1496103b473d73a79c5a89d848b547

  • SHA1

    bc1020e580481d4483b83f0fcc26fc780aa7560b

  • SHA256

    c9a311b32a19e1de38a0cd35636bd2af933033e2e57a488464bf0c22d06ba6ed

  • SHA512

    d78ae0c85ded9bd14229b33ae42b8ca64f4ac5d6691f48abebc513e26ff58e9ef1ea3b4d3b7bc895c5a1230919e4386b31249ef6561117588a5289057ff28f8f

  • SSDEEP

    24576:lKKKKKKKKKKKKKKKKKKKKKKN7ChBWMQ+uSJJd3:WjLuSh3

Targets

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
