Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
eeaa8a8db280eaec2627078ca7be4ebc6c7842b5999eb294e22550fec505d48d
-
Size
4.8MB
-
Sample
221020-x17pssbca7
-
MD5
f7c99955c9f02ed41275edfa2a235414
-
SHA1
8b38b83d42ae97d8af70ab1c9cdce7d6c486636b
-
SHA256
eeaa8a8db280eaec2627078ca7be4ebc6c7842b5999eb294e22550fec505d48d
-
SHA512
e82ee9f5a733eb5d933cabf702504a861e1a47719a3229e97003bce52144fbdbfbc818f902c47d11d82e143583f705efad1b5a37557dc4d652b7c6a20c31d56d
-
SSDEEP
24576:u666666666m6666666666666666666666666666666666666666666666666666r:
Malware Config
Targets
-
-
Target
eeaa8a8db280eaec2627078ca7be4ebc6c7842b5999eb294e22550fec505d48d
-
Size
4.8MB
-
MD5
f7c99955c9f02ed41275edfa2a235414
-
SHA1
8b38b83d42ae97d8af70ab1c9cdce7d6c486636b
-
SHA256
eeaa8a8db280eaec2627078ca7be4ebc6c7842b5999eb294e22550fec505d48d
-
SHA512
e82ee9f5a733eb5d933cabf702504a861e1a47719a3229e97003bce52144fbdbfbc818f902c47d11d82e143583f705efad1b5a37557dc4d652b7c6a20c31d56d
-
SSDEEP
24576:u666666666m6666666666666666666666666666666666666666666666666666r:
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-