General

  • Target

    2024-02-20_638a3f126566b70307cce5796f497437_ryuk

  • Size

    1.8MB

  • Sample

    240220-sydxgsbc42

  • MD5

    638a3f126566b70307cce5796f497437

  • SHA1

    d8add610f80923959cb39ab947e8b1dfe13612b0

  • SHA256

    3cab31e6da44b7a855d1e9aa6141139310c7da3af60a3d49384cf1179e64ec73

  • SHA512

    d6498ede5a3cf74a28f8f118449a36aa41c70ad86c3ae80fb829ce698f3102fbd96ed0d95995840ae9ab512313f317a5a3e3d682540745a4f253598aec9e1c9d

  • SSDEEP

    49152:IKX0DzOswXpfymHQlIuQo/snji6attJM:qXNOpfjqIUEnW6at

Score
7/10

Targets

    • Target

      2024-02-20_638a3f126566b70307cce5796f497437_ryuk

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory
