General

  • Target

    2024-09-12_4227e618d4466eb8956dd91fb8798029_cobalt-strike_ryuk

  • Size

    2.8MB

  • Sample

    240912-y2rweasdmn

  • MD5

    4227e618d4466eb8956dd91fb8798029

  • SHA1

    c1235f39fddefde68cd9ca1191419849f0d5a886

  • SHA256

    8a670edf0683274ce307c471d6374531b6d4a8f1b269ef3ffff65e4d39201fd7

  • SHA512

    bead4f1b7fa64d6befa03511d63a2de6b157470ba1bae8ef5c4bb8fabb8cb4b4fa47ad066fb9baf9fe1a2f2b5a6fb6aae8807c40990fac5540e381e2f1165c00

  • SSDEEP

    49152:ytbIwL5D4Jc+b01tnAyB63TANQnMEx6Te8wTmDmg27RnWGj:skPbiHW6ZVD527BWG

Targets

    • Target

      2024-09-12_4227e618d4466eb8956dd91fb8798029_cobalt-strike_ryuk

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other data.

    • Drops file in System32 directory
