General

  • Target

    2024-05-16_497a956e93b8704854e6920322a8c5d8_bkransomware

  • Size

    518KB

  • Sample

    240516-zk89ssff45

  • MD5

    497a956e93b8704854e6920322a8c5d8

  • SHA1

    65a21a7a2a207b3341b1827ace6dde89fd9ecc9b

  • SHA256

    af5bf0d658cd1552d3d6987a00cafbf80c25ec67baee919ccdebece8393799d3

  • SHA512

    2b0b2c5437f30b6af7d53b54f3b342e0856e53dc5b5cb8d6443e77bbe6b57ad4287d0063bec94937969d5d2703611a8d35257355125554f0b352347957c52897

  • SSDEEP

    12288:xC0VWb1WrvKYf5svAoFBC4eE+/xp+RiwQoXueXDv:DVg0KYxsvAoFreVZcRiw9D

Targets

    • Target

      2024-05-16_497a956e93b8704854e6920322a8c5d8_bkransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application
