General
-
Target
9f702b94a86558df87de316611d9f1bfe99a6d8da9fa9b3d7bb125a12f9ad11f
-
Size
154KB
-
Sample
240626-pvlldavcrb
-
MD5
9c0be24942593c11acf79e4dd9af842e
-
SHA1
49dcaf92f2696a90020f871c9d6123a517a6f393
-
SHA256
9f702b94a86558df87de316611d9f1bfe99a6d8da9fa9b3d7bb125a12f9ad11f
-
SHA512
e80e3cac32ddc6cc8e95cfcd990737d665a3d76a080ae44d582714fa39ff3e3bcad121dc0f0c65176f27814ece97242ca09d606ff78a977c5fae634795852fe5
-
SSDEEP
3072:nbLkONNeZzyz3z9Uup2u8eFzT9ioLj/GHU1ON:bhLeZOzj9B2u1PTO
Static task
static1
Behavioral task
behavioral1
Sample
9f702b94a86558df87de316611d9f1bfe99a6d8da9fa9b3d7bb125a12f9ad11f.exe
Resource
win7-20240419-en
Malware Config
Extracted
C:\Program Files\7-Zip\!!readme!!!.txt
http://ehehqyhw3iev2vfso4vqs7kcrzltfebe5vbimq62p2ja7pslczs3q6qd.onion/
Targets
-
Clears Windows event logs
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Deletes itself
-
Drops desktop.ini file(s)
-
Power Settings
powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
-