Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
357b784443bc36daa16210bcf96303b34ffc4ff6db6f69c0b3949fe769eab950
-
Size
15.0MB
-
Sample
221019-m5qlzafcg2
-
MD5
ce3b36620a2f34e844fc0f22847455e6
-
SHA1
852913d58dc8cf283ad554c1c227b7039b8532da
-
SHA256
357b784443bc36daa16210bcf96303b34ffc4ff6db6f69c0b3949fe769eab950
-
SHA512
73e3335b19263b7b0c6a90a874a114e662102fc2bdfd00e09ff3a0d6136b93fa4c8de50ab635cb6c72bbfb22620c9e17d77098c17024f56a6ea7fedc58548c37
-
SSDEEP
98304:OLu1g9ZGl52dqV33xAhe2c9DuFJswsDBBqa2ZZzRTC0rBC3FO:Od9s2cxAjAiJsBDBBYFTC0rBC3s
Malware Config
Targets
-
-
Target
357b784443bc36daa16210bcf96303b34ffc4ff6db6f69c0b3949fe769eab950
-
Size
15.0MB
-
MD5
ce3b36620a2f34e844fc0f22847455e6
-
SHA1
852913d58dc8cf283ad554c1c227b7039b8532da
-
SHA256
357b784443bc36daa16210bcf96303b34ffc4ff6db6f69c0b3949fe769eab950
-
SHA512
73e3335b19263b7b0c6a90a874a114e662102fc2bdfd00e09ff3a0d6136b93fa4c8de50ab635cb6c72bbfb22620c9e17d77098c17024f56a6ea7fedc58548c37
-
SSDEEP
98304:OLu1g9ZGl52dqV33xAhe2c9DuFJswsDBBqa2ZZzRTC0rBC3FO:Od9s2cxAjAiJsBDBBYFTC0rBC3s
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-