General

  • Target

    2024-05-07_e9dc99295c56c46149845977c93878be_bkransomware

  • Size

    131KB

  • Sample

    240507-fr6byaag2z

  • MD5

    e9dc99295c56c46149845977c93878be

  • SHA1

    58889a3ad3eb442bc9d03ebb77dd82d7ebc55e75

  • SHA256

    8494d8b38ccf2a80a6c5079d8d9d8106c2d151f3fcffd34b350f8f3539876359

  • SHA512

    4ba0fd2229619f9c5c29df76fc0ac0ef34fbc87a0ff4f1be5d37eef9f41672b4175d1df6afe67acbd2fdde2bb27b154014e7c8cd3e14bd3accdbc2df14a7d8d0

  • SSDEEP

    3072:ZhpAyazIlyazTvJh4k+VajyPghRhqaT8D:hZMazLJeNEwcRhqJD

Targets

    • Target

      2024-05-07_e9dc99295c56c46149845977c93878be_bkransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
