General

  • Target

    2024-08-23_c739e3cbe286ee14ef2df503e0dce407_ryuk

  • Size

    2.8MB

  • Sample

    240823-t4dz4svhng

  • MD5

    c739e3cbe286ee14ef2df503e0dce407

  • SHA1

    8899e0c7d87f8d32ec747ddc09df019d2d05ec64

  • SHA256

    c5cacbc573c2bc7b2c34bff3b8801ed978f967c09478e5a4306145ecd94fa4fb

  • SHA512

    0d7680251ec9676dfe9cc09d79cfb50eb68bccc3f995653c653698fe9681e1671e86fbe495c3bd733536de9f441a90b36a8cc684f92e0ecef6f3ef6e948b01a4

  • SSDEEP

    49152:WyRTHtTUoHyfJWRhcUWIzfTRVgzt0yYNj/u+q554C/zNjteyUHBdH3ZrLNiXicJy:WaTNyNjR+0/Nte9BpJr7wRGpj3

Targets

    • Target

      2024-08-23_c739e3cbe286ee14ef2df503e0dce407_ryuk

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory
