General

  • Target

    a864282fea5a536510ae86c77ce46f7827687783628e4f2ceb5bf2c41b8cd3c6.bin.sample.gz

  • Size

    436KB

  • Sample

    231102-gpea4sab73

  • MD5

    a7c08740bb69577dc209208fc11f0278

  • SHA1

    499f4832c11f98ead2c99cc333bca413520b0bef

  • SHA256

    cea5e345ee085bce7280397205d0c5e9488b5e3ffcb396a2333a745c46baf759

  • SHA512

    40bfe597c7a1df078ba1303750fc8d1748a2e23b0a438f84b8cc26085d2455d01b45da1ed9b640cfbf980fe5204e9ca2a1d9ade5ac36cc9871e1a8f475f256d1

  • SSDEEP

    6144:y+JgUb8qkkJp3sqTQ3lJ8LMYWiEXRtXp8XmhX5PfvPwY9JlORT7:y+SUb88vTCJ8LsdvXR4oOh7

Targets

    • Target

      sample

    • Size

      1.2MB

    • MD5

      0c8e88877383ccd23a755f429006b437

    • SHA1

      69b3d913a3967153d1e91ba1a31ebed839b297ed

    • SHA256

      a864282fea5a536510ae86c77ce46f7827687783628e4f2ceb5bf2c41b8cd3c6

    • SHA512

      ba5296a84b7107b293d1afd4752157edaa1a3f1059685ecad2ddea9b9221ee9c8092ce5cae6f2f6a4866e25ca0bf66dd3fbc0786b2a26cb708d2cd536dd85041

    • SSDEEP

      24576:utP7hdO1s6Skscec1SgnyN9HPFCCNhQI6GOfaFVIVrYwcMavDiZn3m75/J7:gLO1qkscec0gnyN9HPFCCNSI6GOfaFVp

    • Renames multiple (1489) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Renames multiple (678) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Sets desktop wallpaper using registry
