General

  • Target

    2024-04-25_5d212d2ee06adf6387cb52f658bf83ad_bkransomware

  • Size

    131KB

  • Sample

    240425-w3rwpadd5t

  • MD5

    5d212d2ee06adf6387cb52f658bf83ad

  • SHA1

    ab437087ac4317ad1c579f77942c6b39e55e7a61

  • SHA256

    671d31d0a52dfd60edb5a19cda0e1e486ef20bd920171db1427ec3e4bc4f1b25

  • SHA512

    bd0aa3a78863f28173902745f94c49cf57c4d2f808b1a41431d51236e9d64611772dbf2442f8c543ec78be493d89aa82f4fd8fbe4c05218dc616f0da65c30606

  • SSDEEP

    3072:ZRpAyazIliazTrwNszt0kJ6y1s/NWnxWS1uRWiW7xd:xZ8azQNct0Py1s/2duIP

Targets

    • Target

      2024-04-25_5d212d2ee06adf6387cb52f658bf83ad_bkransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar items.

    • Adds Run key to start application
