Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
cddcf3106618d72812eb917df1f5f2e70930ae2720c2d433181e61834ad5ed47
-
Size
1.1MB
-
Sample
221019-eycgrsefa2
-
MD5
b26b60dd2f64de3dacbd2cf01092b4bc
-
SHA1
1904dbe0b486113f0d2ac5b73910c47194b2f63c
-
SHA256
cddcf3106618d72812eb917df1f5f2e70930ae2720c2d433181e61834ad5ed47
-
SHA512
32e8b3e4088ba3c0459ed96d27b0a5ff959ea27c2bbee4ef2b8dec4dcf9b9826f0d4ac2b79b2a700176fc0eef5af3ee386b1b14b31231ff2231f91717bb0d558
-
SSDEEP
6144:e98L598L598L598L598L598L598L598L598LP5MbkpV74MqzvUzH3GeHYwNpYvrY:lKKKKKKKK5VS6i+CpMtENe
Malware Config
Targets
-
-
Target
cddcf3106618d72812eb917df1f5f2e70930ae2720c2d433181e61834ad5ed47
-
Size
1.1MB
-
MD5
b26b60dd2f64de3dacbd2cf01092b4bc
-
SHA1
1904dbe0b486113f0d2ac5b73910c47194b2f63c
-
SHA256
cddcf3106618d72812eb917df1f5f2e70930ae2720c2d433181e61834ad5ed47
-
SHA512
32e8b3e4088ba3c0459ed96d27b0a5ff959ea27c2bbee4ef2b8dec4dcf9b9826f0d4ac2b79b2a700176fc0eef5af3ee386b1b14b31231ff2231f91717bb0d558
-
SSDEEP
6144:e98L598L598L598L598L598L598L598L598LP5MbkpV74MqzvUzH3GeHYwNpYvrY:lKKKKKKKK5VS6i+CpMtENe
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-