General

  • Target

    d7763975704a1b45644957752f58e326de740355b0ccbfab7d5e17e9b966b1b5

  • Size

    9.9MB

  • Sample

    221026-s4cavagbb3

  • MD5

    e7555b068e1137714a27476c4597d083

  • SHA1

    e64188b39972adda1ddab18490d22b09dcc38d77

  • SHA256

    d7763975704a1b45644957752f58e326de740355b0ccbfab7d5e17e9b966b1b5

  • SHA512

    4bd51cd70b2bda7d1a94949507ac74f8b970ae8db1821bf299c814aea232670a409cd951b8b67d6b6f75a1d78e67c35c8fe6f6a808084fb7cbe7f396eb012680

  • SSDEEP

    196608:bNOLFhxdSZB0hGqdPofKsIkzHLqj2L3FCGRbki2O:cx9SZBqGqlDgcowGRB

Targets

    • Target

      d7763975704a1b45644957752f58e326de740355b0ccbfab7d5e17e9b966b1b5

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
