General

  • Target

    d2ac804720b0fe5e8a0fce91425bc092dd15981a81fd375d51cd7b9bc5f91a28

  • Size

    8.2MB

  • Sample

    221101-grthtahfdp

  • MD5

    30c121c3995d7d7c5597b0b4d3047aa2

  • SHA1

    4c80abe95de3788a5ff6b2e16175a68b76413643

  • SHA256

    d2ac804720b0fe5e8a0fce91425bc092dd15981a81fd375d51cd7b9bc5f91a28

  • SHA512

    62ddd7fdd89e0273d31fceaa88dfa108d043b8364e420594511ba1d30acc7cae5e58e3efec973c10357c0482739f7084fef96ce75ed4dfb99066233baca7c25b

  • SSDEEP

    98304:HNOLtQJ4I4iXHYiRcinKNwFFClurxUTkCOS20BYql7x+oZHcV4i/kgE7/FG4l7zG:HNOLA4uYXcqG0vGfLgc

Targets

    • Target

      d2ac804720b0fe5e8a0fce91425bc092dd15981a81fd375d51cd7b9bc5f91a28

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
