Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Resubmissions

11/01/2024, 13:58

240111-q9tqzahbdp 9

01/09/2023, 17:12

230901-vq4jaagb7w 9

General

  • Target

    JC_17205c43189c22dfcb278f5cc45c2562f622b0b6280dcd43cc1d3c274095eb90

  • Size

    636KB

  • Sample

    240111-q9tqzahbdp

  • MD5

    267d5c3137d313ce1a86c2f255a835e6

  • SHA1

    c7a37c0edeffd23777cca44f9b49076be1bd43e6

  • SHA256

    17205c43189c22dfcb278f5cc45c2562f622b0b6280dcd43cc1d3c274095eb90

  • SHA512

    9c119a9f973dae77f2cdd6a855ae45c20660aadc5c592f6d06f6360dd0bb5a380d0ed1fcc23c0cb721da70bcca7d32db46181be675bf0587276d35d6da26a31e

  • SSDEEP

    12288:aEky5bwpy02iRaeXCP2CIcdoKAXMr+Mr+kJZ4:j02iRaeHPcdo18rTrf6

Malware Config

Targets

    • Target

      JC_17205c43189c22dfcb278f5cc45c2562f622b0b6280dcd43cc1d3c274095eb90

    • Size

      636KB

    • MD5

      267d5c3137d313ce1a86c2f255a835e6

    • SHA1

      c7a37c0edeffd23777cca44f9b49076be1bd43e6

    • SHA256

      17205c43189c22dfcb278f5cc45c2562f622b0b6280dcd43cc1d3c274095eb90

    • SHA512

      9c119a9f973dae77f2cdd6a855ae45c20660aadc5c592f6d06f6360dd0bb5a380d0ed1fcc23c0cb721da70bcca7d32db46181be675bf0587276d35d6da26a31e

    • SSDEEP

      12288:aEky5bwpy02iRaeXCP2CIcdoKAXMr+Mr+kJZ4:j02iRaeHPcdo18rTrf6

    • Renames multiple (1221) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v15

Tasks