General

  • Target

    2024-08-05_158a7948dfa4571850e95dea785e6f39_bkransomware

  • Size

    1.3MB

  • Sample

    240805-lddbwswdpc

  • MD5

    158a7948dfa4571850e95dea785e6f39

  • SHA1

    4e74ff86d34133e412f38b08743fcabc3afce9c5

  • SHA256

    f35b2d22696aaa3fead54522a10ca216e9807669a3eff82ae22829a069e27255

  • SHA512

    016b374c6a86d61569f49a106d2b53031295574c6aabebaf854ceb522fe9c2f319355a57ff6ade443306903fd64196c19654de9a37fdc32634a7ee2361dc38c0

  • SSDEEP

    12288:DtOw6BakMTmkJR4Do07Y86gw5CtCjX+NLuFhNpBeZT3X:R6BSSkQ/7Gb8NLEbeZ

Malware Config

Targets

    • Target

      2024-08-05_158a7948dfa4571850e95dea785e6f39_bkransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks