Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d2ac804720b0fe5e8a0fce91425bc092dd15981a81fd375d51cd7b9bc5f91a28
-
Size
8.2MB
-
Sample
221101-grthtahfdp
-
MD5
30c121c3995d7d7c5597b0b4d3047aa2
-
SHA1
4c80abe95de3788a5ff6b2e16175a68b76413643
-
SHA256
d2ac804720b0fe5e8a0fce91425bc092dd15981a81fd375d51cd7b9bc5f91a28
-
SHA512
62ddd7fdd89e0273d31fceaa88dfa108d043b8364e420594511ba1d30acc7cae5e58e3efec973c10357c0482739f7084fef96ce75ed4dfb99066233baca7c25b
-
SSDEEP
98304:HNOLtQJ4I4iXHYiRcinKNwFFClurxUTkCOS20BYql7x+oZHcV4i/kgE7/FG4l7zG:HNOLA4uYXcqG0vGfLgc
Malware Config
Targets
-
-
Target
d2ac804720b0fe5e8a0fce91425bc092dd15981a81fd375d51cd7b9bc5f91a28
-
Size
8.2MB
-
MD5
30c121c3995d7d7c5597b0b4d3047aa2
-
SHA1
4c80abe95de3788a5ff6b2e16175a68b76413643
-
SHA256
d2ac804720b0fe5e8a0fce91425bc092dd15981a81fd375d51cd7b9bc5f91a28
-
SHA512
62ddd7fdd89e0273d31fceaa88dfa108d043b8364e420594511ba1d30acc7cae5e58e3efec973c10357c0482739f7084fef96ce75ed4dfb99066233baca7c25b
-
SSDEEP
98304:HNOLtQJ4I4iXHYiRcinKNwFFClurxUTkCOS20BYql7x+oZHcV4i/kgE7/FG4l7zG:HNOLA4uYXcqG0vGfLgc
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-