Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
483e0e32d3be3d2e585463aa7475c8b8ce254900bacfb9a546a5318fff024b74
-
Size
974KB
-
Sample
240114-lg9t9sfgfj
-
MD5
45d20637261dea248644a849818659a0
-
SHA1
29a81b7cf0f5f4a69fe47c4ccf3d06a300899997
-
SHA256
483e0e32d3be3d2e585463aa7475c8b8ce254900bacfb9a546a5318fff024b74
-
SHA512
a9c935eb23fba99ba74299db7b8ac3a158183d9fe9ccaaa87e8a1b9d39c518d223563378d981e6bf386f058b159609fb42e14ca45c023f7688ca57e0c61d2519
-
SSDEEP
12288:fFDF/UI+c+xTOQUMnufZUgxXu/VzcccSCO4lkAjx9h/MR1V:fjnb+OQUMnufZ+tzcccSCO6ke3/Mf
Malware Config
Targets
-
-
Target
483e0e32d3be3d2e585463aa7475c8b8ce254900bacfb9a546a5318fff024b74
-
Size
974KB
-
MD5
45d20637261dea248644a849818659a0
-
SHA1
29a81b7cf0f5f4a69fe47c4ccf3d06a300899997
-
SHA256
483e0e32d3be3d2e585463aa7475c8b8ce254900bacfb9a546a5318fff024b74
-
SHA512
a9c935eb23fba99ba74299db7b8ac3a158183d9fe9ccaaa87e8a1b9d39c518d223563378d981e6bf386f058b159609fb42e14ca45c023f7688ca57e0c61d2519
-
SSDEEP
12288:fFDF/UI+c+xTOQUMnufZUgxXu/VzcccSCO4lkAjx9h/MR1V:fjnb+OQUMnufZ+tzcccSCO6ke3/Mf
Score9/10-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Renames multiple (139) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Disables Task Manager via registry modification
-
Stops running service(s)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Sets desktop wallpaper using registry
-