Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
315d043b99f988ce9d9f69d7225292eb44623a97c1a029933b62ede699fa9f13.zip
-
Size
93KB
-
Sample
240819-c1vd9atakl
-
MD5
c5bae4038fd9e18d0bbf3a737064dccc
-
SHA1
3573208306c3e4ca25f83953ed638c09ff2c9a4d
-
SHA256
ae788b43e0c6be2a60d626a03c6069a21730d80a45ff5e0053b30a06b1193aa6
-
SHA512
17502d41c3a3a9126b1d6b09918f983f12a0755e0fec5be9320658f738592cfb3d441f22cca259615f4711429c0c6751a5bf328c701731fdce18a47ed45464b7
-
SSDEEP
1536:SYSvLsDGZZKhm0HCrwn9kOfzHZzWiIh0bs9KAYN1sVHOdfAMBucGcveKC+9rkvSS:SYoL/Zym0irw9kOfz599IvYwqfAAucGt
Malware Config
Targets
-
-
Target
315d043b99f988ce9d9f69d7225292eb44623a97c1a029933b62ede699fa9f13.exe
-
Size
146KB
-
MD5
6edfb62405f50d7fb16882ca9b16ed36
-
SHA1
73c346267e9527ca5886bf8a90b77f9ebceb58fe
-
SHA256
315d043b99f988ce9d9f69d7225292eb44623a97c1a029933b62ede699fa9f13
-
SHA512
b3ea04a001c846af5d93435db055986a448fc5d01e86a9292937ce085609b653d41719111d2d031c8b6694eb01d5856e86f9e1a65e8cdc43af51a8ed3d370d2f
-
SSDEEP
3072:PqJogYkcSNm9V7DGoNK696RTpfnEsCygHQlyT:Pq2kc4m9tDHNK6UlJ9CyN
Score9/10-
Renames multiple (566) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Deletes itself
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops desktop.ini file(s)
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-