General

  • Target

    aba86aa690d4d15adcb242b4392752422dbe471125a8d4a523f85a524c9b01be

  • Size

    3.0MB

  • Sample

    221026-2l36aahfd8

  • MD5

    d199170c833669792b4fac70842b9188

  • SHA1

    897cff11d1ffe41834159817d49e73256fe9ced9

  • SHA256

    aba86aa690d4d15adcb242b4392752422dbe471125a8d4a523f85a524c9b01be

  • SHA512

    757663fe8b12c8e5524fc873165f81bf2fbac3f454457ff60e7cc3ef7b9a0437681cdd8b75b2b54a8f2a00279401620e09eab50ac088cc4479798bdfa3762676

  • SSDEEP

    24576:lKKKKGdzswxeqWiZUCM2OLmoQKXIgzodDjkpa+WlnwQwDiREzKEod67yOUIftaZ:4dKeUCPOLmoQo02iNefu

Targets

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
