General

  • Target

    2024-09-04_8f032f34569c3c9e99562a22dfd78a57_hijackloader_ryuk

  • Size

    70.2MB

  • Sample

    240904-d63s9athrq

  • MD5

    8f032f34569c3c9e99562a22dfd78a57

  • SHA1

    2e014a220d6767924c6f9e669ae8deb8bd42383e

  • SHA256

    78604a5813861a7dd652b6d2f151bcf8215f0c700b4a1a8f28986fee220b1a59

  • SHA512

    34a2e6c8f0131f305b0a8eaa385e780fe1da5e21c6977324ecb3249e53460d9c3a5caea9675a3c0120c5982e980c9029706b1c1999cff616cf5febc3df82722d

  • SSDEEP

    1572864:HklDCjxMgp23PnpSRxxhaz/+df11/GgzBGQIj5Oi:Eh+9unkRxDw/Mf/pBGRj5

Targets

    • Target

      2024-09-04_8f032f34569c3c9e99562a22dfd78a57_hijackloader_ryuk

    • UAC bypass

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
