Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
aba86aa690d4d15adcb242b4392752422dbe471125a8d4a523f85a524c9b01be
-
Size
3.0MB
-
Sample
221026-2l36aahfd8
-
MD5
d199170c833669792b4fac70842b9188
-
SHA1
897cff11d1ffe41834159817d49e73256fe9ced9
-
SHA256
aba86aa690d4d15adcb242b4392752422dbe471125a8d4a523f85a524c9b01be
-
SHA512
757663fe8b12c8e5524fc873165f81bf2fbac3f454457ff60e7cc3ef7b9a0437681cdd8b75b2b54a8f2a00279401620e09eab50ac088cc4479798bdfa3762676
-
SSDEEP
24576:lKKKKGdzswxeqWiZUCM2OLmoQKXIgzodDjkpa+WlnwQwDiREzKEod67yOUIftaZ:4dKeUCPOLmoQo02iNefu
Malware Config
Targets
-
-
Target
aba86aa690d4d15adcb242b4392752422dbe471125a8d4a523f85a524c9b01be
-
Size
3.0MB
-
MD5
d199170c833669792b4fac70842b9188
-
SHA1
897cff11d1ffe41834159817d49e73256fe9ced9
-
SHA256
aba86aa690d4d15adcb242b4392752422dbe471125a8d4a523f85a524c9b01be
-
SHA512
757663fe8b12c8e5524fc873165f81bf2fbac3f454457ff60e7cc3ef7b9a0437681cdd8b75b2b54a8f2a00279401620e09eab50ac088cc4479798bdfa3762676
-
SSDEEP
24576:lKKKKGdzswxeqWiZUCM2OLmoQKXIgzodDjkpa+WlnwQwDiREzKEod67yOUIftaZ:4dKeUCPOLmoQo02iNefu
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-