General

  • Target

    2024-06-03_05db338b311bc456fee67e84307baa58_ryuk

  • Size

    1.0MB

  • Sample

    240603-mftmbscd96

  • MD5

    05db338b311bc456fee67e84307baa58

  • SHA1

    489b681805e8e2426a7b288b3e4f9326d432e3ad

  • SHA256

    38ca0cda0d1c3a781bc84b8b3aff122e329ef4aae45ade5eea4a6294b252664f

  • SHA512

    aeaea6099c792f0948e4a5972f98a0e08e219ee4ede4ef4ed740a97bd8d523bf8cd7aeee125daa4d312b89eed8cf220ca2da3be2e1e84af979afde86ec73d981

  • SSDEEP

    24576:9iBEkWqwXeAVmYzsqjnhMgeiCl7G0nehbGZpbD:xz5Xe6X3Dmg27RnWGj

Targets

    • Target

      2024-06-03_05db338b311bc456fee67e84307baa58_ryuk

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Registers COM server for autorun

    • Drops file in System32 directory
