General

  • Target

    2024-06-12_3557f1b951eb1a85cf43a972858bd4e2_bkransomware

  • Size

    290KB

  • Sample

    240612-tac6qa1ajf

  • MD5

    3557f1b951eb1a85cf43a972858bd4e2

  • SHA1

    71f627c9ef94359474f77882798be3d82ffe2513

  • SHA256

    6032096784a8fad68b47f70b5cfc05e7b997070a83b655e3f7717f8e81ea70a8

  • SHA512

    18c74d1d68c12adf7c1be6fdc9b9eeaaf6c33f7e4bc91dc822287e95b2aa19691c87d851cc0cdb23d1784f227043a8945483f9deea938e483a0e612fb2ededd5

  • SSDEEP

    6144:hZMazFlHPfPL1RhcRfb+JPbL43LA9Xm8OuTnQaGGFmGWCkjfF:hS0RsV+Jn40Nm7uTnvVwGWVF

Malware Config

Targets

    • Target

      2024-06-12_3557f1b951eb1a85cf43a972858bd4e2_bkransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks