General

  • Target

    2024-05-11_c4de79253987ef24561160b0fda73dee_bkransomware

  • Size

    262KB

  • Sample

    240511-szcqtage78

  • MD5

    c4de79253987ef24561160b0fda73dee

  • SHA1

    ad307e6ff2f85567effc74de749f40600ff1615d

  • SHA256

    9b04e4fc6e74cd2505d574668d0f88d79679af1f12d380d2136f2a785056d9ea

  • SHA512

    22ba6ef98d1c3023e77dd2b3989b626da6fc8b57881da07474be933d041a72be1205ebd8c33964d24080b7ccb6ae75540e257fda414f60bc9302ec939ac8d83e

  • SSDEEP

    6144:hZMazhUuJd8Al7t3t891EMu+dKCwLa+gavuMU:hS0WuvrJd8/Es4ana2MU

Targets

    • Target

      2024-05-11_c4de79253987ef24561160b0fda73dee_bkransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
