General

  • Target

    eeaa8a8db280eaec2627078ca7be4ebc6c7842b5999eb294e22550fec505d48d

  • Size

    4.8MB

  • Sample

    221020-x17pssbca7

  • MD5

    f7c99955c9f02ed41275edfa2a235414

  • SHA1

    8b38b83d42ae97d8af70ab1c9cdce7d6c486636b

  • SHA256

    eeaa8a8db280eaec2627078ca7be4ebc6c7842b5999eb294e22550fec505d48d

  • SHA512

    e82ee9f5a733eb5d933cabf702504a861e1a47719a3229e97003bce52144fbdbfbc818f902c47d11d82e143583f705efad1b5a37557dc4d652b7c6a20c31d56d

  • SSDEEP

    24576:u666666666m6666666666666666666666666666666666666666666666666666r:

Targets

    • Target

      eeaa8a8db280eaec2627078ca7be4ebc6c7842b5999eb294e22550fec505d48d

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
