General

  • Target

    357b784443bc36daa16210bcf96303b34ffc4ff6db6f69c0b3949fe769eab950

  • Size

    15.0MB

  • Sample

    221019-m5qlzafcg2

  • MD5

    ce3b36620a2f34e844fc0f22847455e6

  • SHA1

    852913d58dc8cf283ad554c1c227b7039b8532da

  • SHA256

    357b784443bc36daa16210bcf96303b34ffc4ff6db6f69c0b3949fe769eab950

  • SHA512

    73e3335b19263b7b0c6a90a874a114e662102fc2bdfd00e09ff3a0d6136b93fa4c8de50ab635cb6c72bbfb22620c9e17d77098c17024f56a6ea7fedc58548c37

  • SSDEEP

    98304:OLu1g9ZGl52dqV33xAhe2c9DuFJswsDBBqa2ZZzRTC0rBC3FO:Od9s2cxAjAiJsBDBBYFTC0rBC3s

Targets

    • Target

      357b784443bc36daa16210bcf96303b34ffc4ff6db6f69c0b3949fe769eab950

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
