General

  • Target

    27e765ba494c9f2c1228f57455642fdb

  • Size

    1.3MB

  • Sample

    231231-ex3bsscbd3

  • MD5

    27e765ba494c9f2c1228f57455642fdb

  • SHA1

    7dc8e7af1f2edb7cf2e70c4662f2431451829445

  • SHA256

    8025918ab649e33642c4eb74c2814397e971d5ab68e631e91649354c8dec2be5

  • SHA512

    09c96df46a1675e87a0c02dd11d756b1c1f7972e9a81f15a6c2e7a3a802709140f9f0c406fd3411994f211c1ffed57f6059f6bac0b90233822866ec1202ce192

  • SSDEEP

    24576:+MlX1xXDLIkvMedOubwnrEXLy8uphS7NRc/SB0V386/P1EnGJZv:jlFxnIf8wnrmW3ORuSBy3r/PsGPv

Targets

    • Troldesh, Shade, Encoder.858

      Troldesh is a ransomware spread by malspam.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
