General

  • Target

    2024-07-27_2d3cd573f994c2d3faf9920a940df545_cobalt-strike_ryuk

  • Size

    2.1MB

  • Sample

    240727-3b9qratgpj

  • MD5

    2d3cd573f994c2d3faf9920a940df545

  • SHA1

    b4e4294058d21814e68fd7dfef8fc61c4f493798

  • SHA256

    621cba86a4ee14a238931d27d5c2b2b5a0b8bc87d0eb618b3ab72d115c60136f

  • SHA512

    45ddda4b2533c42c37353417b3b2fda9fe4ef633f666ff3eb6b78f6faf814560247af2a1af94ec110f4dd1a803b778d26f2470b94d99c9d54e2c0a7d8d3845e2

  • SSDEEP

    49152:5ikKqNuKuNgEBV/wtjUNqE76CHHwbShgDUYmvFur31yAipQCtXxc0H:5iekgEBVnfboU7dG1yfpVBlH

Targets

    • Target

      2024-07-27_2d3cd573f994c2d3faf9920a940df545_cobalt-strike_ryuk

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory
