General
Target: 2024-10-02_aa26fe4f41cad4cd4da60958bd7b2b97_cobalt-strike_ryuk
Size: 2.8MB
Sample: 241002-xvndzasblr
MD5: aa26fe4f41cad4cd4da60958bd7b2b97
SHA1: e3cf645607e9ffc1d9f89ffbd06f485d03cc1329
SHA256: 09ef9d5edd9a3a8f7e4a05a27edda0423f0ba151a6c843fa5599167af31b0276
SHA512: 3e9814926afb60f761d4e3c2e1c65ed821d5640ad7de308e649a4dc0e8193dccfafcb47d175b6225a408384815b5ff23540b1e6475d0a20e05cfa3ca8f63cbea
SSDEEP: 49152:ttbIwL5D4Jc+b01tnAyB63TANQnMEx6Te8wTLDmg27RnWGj:rkPbiHW6ZID527BWG
Static task: static1
Behavioral task: behavioral1
Sample: 2024-10-02_aa26fe4f41cad4cd4da60958bd7b2b97_cobalt-strike_ryuk.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: 2024-10-02_aa26fe4f41cad4cd4da60958bd7b2b97_cobalt-strike_ryuk
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores (1)
Credentials from Web Browsers (1)
Unsecured Credentials (1)
Credentials In Files (1)