General

  • Target

    2024-10-02_aa26fe4f41cad4cd4da60958bd7b2b97_cobalt-strike_ryuk

  • Size

    2.8MB

  • Sample

    241002-xvndzasblr

  • MD5

    aa26fe4f41cad4cd4da60958bd7b2b97

  • SHA1

    e3cf645607e9ffc1d9f89ffbd06f485d03cc1329

  • SHA256

    09ef9d5edd9a3a8f7e4a05a27edda0423f0ba151a6c843fa5599167af31b0276

  • SHA512

    3e9814926afb60f761d4e3c2e1c65ed821d5640ad7de308e649a4dc0e8193dccfafcb47d175b6225a408384815b5ff23540b1e6475d0a20e05cfa3ca8f63cbea

  • SSDEEP

    49152:ttbIwL5D4Jc+b01tnAyB63TANQnMEx6Te8wTLDmg27RnWGj:rkPbiHW6ZID527BWG

Targets

    • Target

      2024-10-02_aa26fe4f41cad4cd4da60958bd7b2b97_cobalt-strike_ryuk

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory
